DATABASE RESOURCES PRICING ABOUT US

{"id": "RAPID7BLOG:B37CF2E44EB6AA38B417BB09297CD3E1", "vendorId": null, "type": "rapid7blog", "bulletinFamily": "info", "title": "Patch Tuesday - October 2022", "description": "\n\nThe [October batch](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct>) of CVEs published by Microsoft includes 96 vulnerabilities, including 12 fixed earlier this month that affect the Chromium project used by their Edge browser.\n\nTop of mind for many this month is whether Microsoft would patch the two [Exchange Server zero-day vulnerabilities](<https://www.rapid7.com/blog/post/2022/09/29/suspected-post-authentication-zero-day-vulnerabilities-in-microsoft-exchange-server/>) ([CVE-2022-41040](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41040>) and [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41082>)) disclosed at the end of September. While Microsoft was relatively quick to acknowledge the vulnerabilities and [provide mitigation steps](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>), their guidance has continually changed as the recommended rules to block attack traffic get bypassed. This whack-a-mole approach seems likely to continue until a proper patch addressing the root causes is available; unfortunately, it doesn\u2019t look like that will be happening today. Thankfully, the impact should be more limited than 2021\u2019s ProxyShell and ProxyLogon vulnerabilities due to attackers needing to be authenticated to the server for successful exploitation. Reports are also surfacing about an additional zero-day distinct from these being used in ransomware attacks; however, these have not yet been substantiated.\n\nMicrosoft did address two other zero-day vulnerabilities with today\u2019s patches. [CVE-2022-41033](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41033>), an Elevation of Privilege vulnerability affecting the COM+ Event System Service in all supported versions of Windows, has been seen exploited in the wild. [CVE-2022-41043](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41043>) is an Information Disclosure vulnerability affecting Office for Mac that was publicly disclosed but not (yet) seen exploited in the wild.\n\nNine CVEs categorized as Remote Code Execution (RCE) with Critical severity were also patched today \u2013 seven of them affect the Point-to-Point Tunneling Protocol, and like those fixed last month, require an attacker to win a race condition to exploit them. [CVE-2022-38048](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38048>) affects all supported versions of Office, and [CVE-2022-41038](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41038>) could allow an attacker authenticated to SharePoint to execute arbitrary code on the server, provided the account has \u201cManage List\u201d permissions.\n\nMaxing out the CVSS base score with a 10.0 this month is [CVE-2022-37968](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37968>), an Elevation of Privilege vulnerability in the Azure Arc-enabled Kubernetes cluster Connect component. It\u2019s unclear why Microsoft has assigned such a high score, given that an attacker would need to know the randomly generated external DNS endpoint for an Azure Arc-enabled Kubernetes cluster (arguably making the Attack Complexity \u201cHigh\u201d). That said, if this condition is met then an unauthenticated user could become a cluster admin and potentially gain control over the Kubernetes cluster. Users of Azure Arc and Azure Stack Edge should check whether auto-updates are turned on, and if not, upgrade manually as soon as possible.\n\n## Summary charts\n\n\n\n## Summary tables\n\n### Azure vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-37968](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37968>) | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability | No | No | 10 | Yes \n[CVE-2022-38017](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38017>) | StorSimple 8000 Series Elevation of Privilege Vulnerability | No | No | 6.8 | Yes \n[CVE-2022-35829](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35829>) | Service Fabric Explorer Spoofing Vulnerability | No | No | 6.2 | Yes \n \n### Browser vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-41035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41035>) | Microsoft Edge (Chromium-based) Spoofing Vulnerability | No | No | 8.3 | Yes \n[CVE-2022-3373](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3373>) | Chromium: CVE-2022-3373 Out of bounds write in V8 | No | No | N/A | Yes \n[CVE-2022-3370](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3370>) | Chromium: CVE-2022-3370 Use after free in Custom Elements | No | No | N/A | Yes \n[CVE-2022-3317](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3317>) | Chromium: CVE-2022-3317 Insufficient validation of untrusted input in Intents | No | No | N/A | Yes \n[CVE-2022-3316](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3316>) | Chromium: CVE-2022-3316 Insufficient validation of untrusted input in Safe Browsing | No | No | N/A | Yes \n[CVE-2022-3315](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3315>) | Chromium: CVE-2022-3315 Type confusion in Blink | No | No | N/A | Yes \n[CVE-2022-3313](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3313>) | Chromium: CVE-2022-3313 Incorrect security UI in Full Screen | No | No | N/A | Yes \n[CVE-2022-3311](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3311>) | Chromium: CVE-2022-3311 Use after free in Import | No | No | N/A | Yes \n[CVE-2022-3310](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3310>) | Chromium: CVE-2022-3310 Insufficient policy enforcement in Custom Tabs | No | No | N/A | Yes \n[CVE-2022-3308](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3308>) | Chromium: CVE-2022-3308 Insufficient policy enforcement in Developer Tools | No | No | N/A | Yes \n[CVE-2022-3307](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3307>) | Chromium: CVE-2022-3307 Use after free in Media | No | No | N/A | Yes \n[CVE-2022-3304](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-3304>) | Chromium: CVE-2022-3304 Use after free in CSS | No | No | N/A | Yes \n \n### Developer Tools vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-41034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41034>) | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-41083](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41083>) | Visual Studio Code Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-41032](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032>) | NuGet Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-41042](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41042>) | Visual Studio Code Information Disclosure Vulnerability | No | No | 7.4 | Yes \n \n### Microsoft Office vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-41038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41038>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-41036](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41036>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-41037](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41037>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-38053](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38053>) | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-41031](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41031>) | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38048](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38048>) | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38049](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38049>) | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38001](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38001>) | Microsoft Office Spoofing Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-41043](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41043>) | Microsoft Office Information Disclosure Vulnerability | No | Yes | 3.3 | Yes \n \n### System Center vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-37971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37971>) | Microsoft Windows Defender Elevation of Privilege Vulnerability | No | No | 7.1 | Yes \n \n### Windows vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-38016](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38016>) | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-38045](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38045>) | Server Service Remote Protocol Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-37984](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37984>) | Windows WLAN Service Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38003](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38003>) | Windows Resilient File System Elevation of Privilege | No | No | 7.8 | Yes \n[CVE-2022-38028](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38028>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38039](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38039>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37995](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37995>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37979](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37979>) | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37970](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37970>) | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37980](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37980>) | Windows DHCP Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38050](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38050>) | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37983](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37983>) | Microsoft DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37998](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37998>) | Windows Local Session Manager (LSM) Denial of Service Vulnerability | No | No | 7.7 | Yes \n[CVE-2022-37973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37973>) | Windows Local Session Manager (LSM) Denial of Service Vulnerability | No | No | 7.7 | Yes \n[CVE-2022-38036](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38036>) | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-38027](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38027>) | Windows Storage Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-38021](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38021>) | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-37974](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37974>) | Windows Mixed Reality Developer Tools Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-38046](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38046>) | Web Account Manager Information Disclosure Vulnerability | No | No | 6.2 | Yes \n[CVE-2022-37965](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37965>) | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | No | No | 5.9 | Yes \n[CVE-2022-37996](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37996>) | Windows Kernel Memory Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-38025](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38025>) | Windows Distributed File System (DFS) Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-38030](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38030>) | Windows USB Serial Driver Information Disclosure Vulnerability | No | No | 4.3 | Yes \n \n### Windows ESU vulnerabilities\n\nCVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-37982](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37982>) | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-38031](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38031>) | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-38040](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38040>) | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-37976](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37976>) | Active Directory Certificate Services Elevation of Privilege Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-30198](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30198>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-22035](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22035>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-24504](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24504>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-33634](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33634>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-38047](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38047>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-38000](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38000>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-41081](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41081>) | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-37986](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37986>) | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37988](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37988>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38037](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38037>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38038](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38038>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37990](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37990>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37991](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37991>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37999](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37999>) | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37993](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37993>) | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37994](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37994>) | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37975>) | Windows Group Policy Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-38051](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38051>) | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37997](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37997>) | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-33635](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33635>) | Windows GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37987](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987>) | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-37989](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37989>) | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-41033](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41033>) | Windows COM+ Event System Service Elevation of Privilege Vulnerability | Yes | No | 7.8 | Yes \n[CVE-2022-38044](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38044>) | Windows CD-ROM File System Driver Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-33645](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33645>) | Windows TCP/IP Driver Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-38041](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38041>) | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 | No \n[CVE-2022-34689](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34689>) | Windows CryptoAPI Spoofing Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-37978](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37978>) | Windows Active Directory Certificate Services Security Feature Bypass | No | No | 7.5 | Yes \n[CVE-2022-38042](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38042>) | Active Directory Domain Services Elevation of Privilege Vulnerability | No | No | 7.1 | Yes \n[CVE-2022-38029](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38029>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-38033](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38033>) | Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-35770](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35770>) | Windows NTLM Spoofing Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-37977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37977>) | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | No | No | 6.5 | No \n[CVE-2022-38032](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38032>) | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | No | No | 5.9 | Yes \n[CVE-2022-38043](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38043>) | Windows Security Support Provider Interface Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-37985](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37985>) | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-38026](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38026>) | Windows DHCP Client Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-38034](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38034>) | Windows Workstation Service Elevation of Privilege Vulnerability | No | No | 4.3 | Yes \n[CVE-2022-37981](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37981>) | Windows Event Logging Service Denial of Service Vulnerability | No | No | 4.3 | Yes \n[CVE-2022-38022](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38022>) | Windows Kernel Elevation of Privilege Vulnerability | No | No | 2.5 | Yes", "published": "2022-10-11T18:35:28", "modified": "2022-10-11T18:35:28", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 6.0}, "href": "https://blog.rapid7.com/2022/10/11/patch-tuesday-october-2022/", "reporter": "Greg Wiseman", "references": [], "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-3304", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3313", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-3370", "CVE-2022-3373", "CVE-2022-34689", "CVE-2022-35770", "CVE-2022-35829", "CVE-2022-37965", "CVE-2022-37968", "CVE-2022-37970", "CVE-2022-37971", "CVE-2022-37973", "CVE-2022-37974", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38001", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38017", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38025", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38036", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38048", "CVE-2022-38049", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-38053", "CVE-2022-41031", "CVE-2022-41032", "CVE-2022-41033", "CVE-2022-41034", "CVE-2022-41035", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038", "CVE-2022-41040", "CVE-2022-41042", "CVE-2022-41043", "CVE-2022-41081", "CVE-2022-41082", "CVE-2022-41083"], "immutableFields": [], "lastseen": "2022-10-11T22:01:25", "viewCount": 111, "enchantments": {"score": {"value": 1.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "akamaiblog", "idList": ["AKAMAIBLOG:0287B84AF09C377FDC8D475774722858"]}, {"type": "attackerkb", "idList": ["AKB:9EA74C88-E0C0-4B13-802D-551307F35B3F", "AKB:B18222FB-1EF5-4D55-899B-61BD7ECF0FAA"]}, {"type": "cert", "idList": ["VU:915563"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2022-0628"]}, {"type": "chrome", "idList": ["GCSA-2051179631675359832", "GCSA-8820382610464526564"]}, {"type": "cisa", "idList": ["CISA:8ED5E84007437E9B88D2418732B63E04"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2022-41040", "CISA-KEV-CVE-2022-41082"]}, {"type": "cnvd", "idList": ["CNVD-2022-67837", "CNVD-2022-67838"]}, {"type": "cve", "idList": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-34689", "CVE-2022-35770", "CVE-2022-35829", "CVE-2022-37965", "CVE-2022-37968", "CVE-2022-37970", "CVE-2022-37971", "CVE-2022-37973", "CVE-2022-37974", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38001", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38017", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38025", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38036", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38048", "CVE-2022-38049", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-38053", "CVE-2022-41031", "CVE-2022-41032", "CVE-2022-41033", "CVE-2022-41034", "CVE-2022-41035", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038", "CVE-2022-41040", "CVE-2022-41042", "CVE-2022-41043", "CVE-2022-41081", "CVE-2022-41082", "CVE-2022-41083"]}, {"type": "debian", "idList": ["DEBIAN:DSA-5244-1:E42C3", "DEBIAN:DSA-5245-1:D4746"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-3304", "DEBIANCVE:CVE-2022-3307", "DEBIANCVE:CVE-2022-3308", "DEBIANCVE:CVE-2022-3310", "DEBIANCVE:CVE-2022-3311", "DEBIANCVE:CVE-2022-3313", "DEBIANCVE:CVE-2022-3315", "DEBIANCVE:CVE-2022-3316", "DEBIANCVE:CVE-2022-3317", "DEBIANCVE:CVE-2022-3370", "DEBIANCVE:CVE-2022-3373"]}, {"type": "freebsd", "idList": ["18529CB0-3E9C-11ED-9BC7-3065EC8FD3EC", "D459C914-4100-11ED-9BC7-3065EC8FD3EC"]}, {"type": "github", "idList": ["GHSA-G3Q9-XF95-8HP5"]}, {"type": "githubexploit", "idList": ["031A1BA5-EA1C-586D-8614-7558CCA5FCCB", "04705DD0-6F67-5847-B368-4ADB734EC12B", "0AA01487-E0E5-59CB-9A45-A5DE55F290A6", "0E54CE3B-3E70-59B7-BB6B-AC20C8611B38", "17DBAF5D-D221-53A1-8663-721B510E680E", "2DFE744C-4369-56D5-9FEA-348B4150C298", "3410A018-A761-5411-8E58-892F756D299A", "346026AA-22B5-5F79-9544-28E8E7CFE3F2", "480AA36A-BFDC-54DD-AE13-43A3FE97ADCE", "553EF29F-6CB4-5F8F-91AD-85FC945A94E0", "58C7CDFB-F328-57B4-ACE6-CA3966DB0EEB", "5C16D945-0879-5E51-B2AF-B106F633656A", "6064317C-299E-530F-81F1-F80C282AE68A", "6776EABD-28C1-5A42-8AB2-27BD7F492078", "6E208382-5651-5649-B6C1-F9EF3A08EA81", "87179042-CF32-5495-87D0-B916B42259D2", "9905FF79-0EE2-5313-9486-DA71B70A3D88", "9945D2DB-9314-5400-8C2B-94D4BD603DD9", "B6C642BC-915E-52EA-80B0-BC40EDC884CC", "B8464218-31FA-569A-AC74-26B347DEC285", "BC7AA745-CDB6-554E-B6CC-A50E97B7ECE5", "CF3485E1-2E99-580B-BC50-D61EA587BA40", "D52F3F41-2E8A-5FC2-AA35-BC6707158F1A", "D58D53CD-D047-5570-B473-DEFF8E3B0225", "E4395A48-164E-527F-8B5B-1A44D3F379B6", "FE6D7F99-F6AF-559F-93A5-786367B77158"]}, {"type": "hackread", "idList": ["HACKREAD:E34C6E8908AE56B0B1176B1237BFDF36"]}, {"type": "hivepro", "idList": ["HIVEPRO:B4C85BEFF3E49468BE44E35CEC3A7DE6"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:2303181B17E64D6C752ACD64C5A2B39C"]}, {"type": "kaspersky", "idList": ["KLA19264", "KLA19267", "KLA19999"]}, {"type": "krebs", "idList": ["KREBS:04BF4A7775A9C0B7DE1A20C71586245A", "KREBS:6E25B247DFBFC9267C00F36CE0695768"]}, {"type": "mageia", "idList": ["MGASA-2022-0357"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:DDF3883C3A8B9A70629872FE83522C17"]}, {"type": "mmpc", "idList": ["MMPC:C857BFAD4920FD5B25BF42D5469945F6"]}, {"type": "mscve", "idList": ["MS:CVE-2022-22035", "MS:CVE-2022-24504", "MS:CVE-2022-30198", "MS:CVE-2022-3304", "MS:CVE-2022-3307", "MS:CVE-2022-3308", "MS:CVE-2022-3310", "MS:CVE-2022-3311", "MS:CVE-2022-3313", "MS:CVE-2022-3315", "MS:CVE-2022-3316", "MS:CVE-2022-3317", "MS:CVE-2022-33634", "MS:CVE-2022-33635", "MS:CVE-2022-33645", "MS:CVE-2022-3370", "MS:CVE-2022-3373", "MS:CVE-2022-34689", "MS:CVE-2022-35770", "MS:CVE-2022-35829", "MS:CVE-2022-37965", "MS:CVE-2022-37968", "MS:CVE-2022-37970", "MS:CVE-2022-37971", "MS:CVE-2022-37973", "MS:CVE-2022-37974", "MS:CVE-2022-37975", "MS:CVE-2022-37976", "MS:CVE-2022-37977", "MS:CVE-2022-37978", "MS:CVE-2022-37979", "MS:CVE-2022-37980", "MS:CVE-2022-37981", "MS:CVE-2022-37982", "MS:CVE-2022-37983", "MS:CVE-2022-37984", "MS:CVE-2022-37985", "MS:CVE-2022-37986", "MS:CVE-2022-37987", "MS:CVE-2022-37988", "MS:CVE-2022-37989", "MS:CVE-2022-37990", "MS:CVE-2022-37991", "MS:CVE-2022-37993", "MS:CVE-2022-37994", "MS:CVE-2022-37995", "MS:CVE-2022-37996", "MS:CVE-2022-37997", "MS:CVE-2022-37998", "MS:CVE-2022-37999", "MS:CVE-2022-38000", "MS:CVE-2022-38001", "MS:CVE-2022-38003", "MS:CVE-2022-38016", "MS:CVE-2022-38017", "MS:CVE-2022-38021", "MS:CVE-2022-38022", "MS:CVE-2022-38025", "MS:CVE-2022-38026", "MS:CVE-2022-38027", "MS:CVE-2022-38028", "MS:CVE-2022-38029", "MS:CVE-2022-38030", "MS:CVE-2022-38031", "MS:CVE-2022-38032", "MS:CVE-2022-38033", "MS:CVE-2022-38034", "MS:CVE-2022-38036", "MS:CVE-2022-38037", "MS:CVE-2022-38038", "MS:CVE-2022-38039", "MS:CVE-2022-38040", "MS:CVE-2022-38041", "MS:CVE-2022-38042", "MS:CVE-2022-38043", "MS:CVE-2022-38044", "MS:CVE-2022-38045", "MS:CVE-2022-38046", "MS:CVE-2022-38047", "MS:CVE-2022-38048", "MS:CVE-2022-38049", "MS:CVE-2022-38050", "MS:CVE-2022-38051", "MS:CVE-2022-38053", "MS:CVE-2022-41031", "MS:CVE-2022-41032", "MS:CVE-2022-41033", "MS:CVE-2022-41034", "MS:CVE-2022-41035", "MS:CVE-2022-41036", "MS:CVE-2022-41037", "MS:CVE-2022-41038", "MS:CVE-2022-41040", "MS:CVE-2022-41042", "MS:CVE-2022-41043", "MS:CVE-2022-41081", "MS:CVE-2022-41082", "MS:CVE-2022-41083"]}, {"type": "mssecure", "idList": ["MSSECURE:C857BFAD4920FD5B25BF42D5469945F6"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-5244.NASL", "DEBIAN_DSA-5245.NASL", "EXCHANGE_CVE-2022-41040_IOC.NBIN", "FREEBSD_PKG_18529CB03E9C11ED9BC73065EC8FD3EC.NASL", "FREEBSD_PKG_D459C914410011ED9BC73065EC8FD3EC.NASL", "GOOGLE_CHROME_106_0_5249_61.NASL", "GOOGLE_CHROME_106_0_5249_91.NASL", "MACOSX_GOOGLE_CHROME_106_0_5249_61.NASL", "MACOSX_GOOGLE_CHROME_106_0_5249_91.NASL", "MICROSOFT_EDGE_CHROMIUM_106_0_1370_34.NASL", "SMB_NT_MS22_OCT_EXCHANGE_ZERODAY.NASL"]}, {"type": "osv", "idList": ["OSV:DSA-5244-1", "OSV:DSA-5245-1", "OSV:GHSA-G3Q9-XF95-8HP5"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:89B0E9C4C12FFA944639C5B7B34594DB", "QUALYSBLOG:F062F85432853297A014064EA7A5C183"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:90A5B4252807D9A3550CB8449AA62109"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:10138-1", "OPENSUSE-SU-2022:10139-1"]}, {"type": "talosblog", "idList": ["TALOSBLOG:12103F398364269083FD96139F0F6562", "TALOSBLOG:A0B0983119E043D75EA7712A7172A942", "TALOSBLOG:FC6B0635136460B7A28F081107A8712E"]}, {"type": "thn", "idList": ["THN:5293CFD6ACCF7BFD2EDDE976C7C06C15", "THN:54023E40C0AA4CB15793A39F3AF102AB", "THN:6B72050A86FFDCE9A0B2CF6F44293A1B", "THN:8200D2C2E1DD329D680C5E699177551B", "THN:A5B36072ED31304F26AF0879E3E5710E"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-3304", "UB:CVE-2022-3307", "UB:CVE-2022-3308", "UB:CVE-2022-3310", "UB:CVE-2022-3311", "UB:CVE-2022-3313", "UB:CVE-2022-3315", "UB:CVE-2022-3316", "UB:CVE-2022-3317", "UB:CVE-2022-3370", "UB:CVE-2022-3373"]}]}, "epss": [{"cve": "CVE-2022-22035", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-24504", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-30198", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3304", "epss": "0.000620000", "percentile": "0.243890000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3307", "epss": "0.000620000", "percentile": "0.243890000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3308", "epss": "0.000660000", "percentile": "0.271090000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3310", "epss": "0.000480000", "percentile": "0.148070000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3311", "epss": "0.000870000", "percentile": "0.355720000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3313", "epss": "0.000610000", "percentile": "0.239950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3315", "epss": "0.000620000", "percentile": "0.245920000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3316", "epss": "0.000610000", "percentile": "0.238630000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3317", "epss": "0.000610000", "percentile": "0.238630000", "modified": "2023-03-19"}, {"cve": "CVE-2022-33634", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-33635", "epss": "0.001130000", "percentile": "0.432670000", "modified": "2023-03-19"}, {"cve": "CVE-2022-33645", "epss": "0.000940000", "percentile": "0.383930000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3370", "epss": "0.000620000", "percentile": "0.243890000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3373", "epss": "0.000620000", "percentile": "0.245920000", "modified": "2023-03-19"}, {"cve": "CVE-2022-34689", "epss": "0.002240000", "percentile": "0.589070000", "modified": "2023-03-19"}, {"cve": "CVE-2022-35770", "epss": "0.001430000", "percentile": "0.484560000", "modified": "2023-03-19"}, {"cve": "CVE-2022-35829", "epss": "0.000510000", "percentile": "0.176010000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37965", "epss": "0.001620000", "percentile": "0.510730000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37968", "epss": "0.002280000", "percentile": "0.592430000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37970", "epss": "0.000440000", "percentile": "0.078920000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37971", "epss": "0.001120000", "percentile": "0.429770000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37973", "epss": "0.001050000", "percentile": "0.412640000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37974", "epss": "0.002870000", "percentile": "0.639000000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37975", "epss": "0.000660000", "percentile": "0.267950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37976", "epss": "0.000660000", "percentile": "0.267950000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37977", "epss": "0.000870000", "percentile": "0.350210000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37978", "epss": "0.000460000", "percentile": "0.139470000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37979", "epss": "0.000440000", "percentile": "0.078920000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37980", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37981", "epss": "0.000590000", "percentile": "0.228490000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37982", "epss": "0.013900000", "percentile": "0.843180000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37983", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37984", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37985", "epss": "0.000450000", "percentile": "0.123740000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37986", "epss": "0.000480000", "percentile": "0.144550000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37987", "epss": "0.000440000", "percentile": "0.105300000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37988", "epss": "0.000470000", "percentile": "0.140820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37989", "epss": "0.000480000", "percentile": "0.144550000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37990", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37991", "epss": "0.000470000", "percentile": "0.140820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37993", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37994", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37995", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37996", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37997", "epss": "0.000480000", "percentile": "0.144550000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37998", "epss": "0.001080000", "percentile": "0.421160000", "modified": "2023-03-19"}, {"cve": "CVE-2022-37999", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38000", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38001", "epss": "0.000920000", "percentile": "0.377120000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38003", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38016", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38017", "epss": "0.000510000", "percentile": "0.175820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38021", "epss": "0.000430000", "percentile": "0.075570000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38022", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38025", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38026", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38027", "epss": "0.000430000", "percentile": "0.074810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38028", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38029", "epss": "0.000430000", "percentile": "0.075570000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38030", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38031", "epss": "0.027660000", "percentile": "0.889680000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38032", "epss": "0.000610000", "percentile": "0.235400000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38033", "epss": "0.000450000", "percentile": "0.124400000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38034", "epss": "0.000460000", "percentile": "0.139470000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38036", "epss": "0.001790000", "percentile": "0.533400000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38037", "epss": "0.000470000", "percentile": "0.140820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38038", "epss": "0.000470000", "percentile": "0.140820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38039", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38040", "epss": "0.027660000", "percentile": "0.889680000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38041", "epss": "0.001620000", "percentile": "0.510730000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38042", "epss": "0.000430000", "percentile": "0.058120000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38043", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38044", "epss": "0.001140000", "percentile": "0.434450000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38045", "epss": "0.000460000", "percentile": "0.128030000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38046", "epss": "0.001100000", "percentile": "0.424040000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38047", "epss": "0.006120000", "percentile": "0.754350000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38048", "epss": "0.001140000", "percentile": "0.434450000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38049", "epss": "0.001130000", "percentile": "0.432670000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38050", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38051", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}, {"cve": "CVE-2022-38053", "epss": "0.003830000", "percentile": "0.688370000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41031", "epss": "0.001130000", "percentile": "0.432670000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41032", "epss": "0.000480000", "percentile": "0.145600000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41033", "epss": "0.002040000", "percentile": "0.566230000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41034", "epss": "0.004170000", "percentile": "0.700820000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41035", "epss": "0.000930000", "percentile": "0.382430000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41036", "epss": "0.004400000", "percentile": "0.708290000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41037", "epss": "0.003830000", "percentile": "0.688370000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41038", "epss": "0.003830000", "percentile": "0.688370000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41040", "epss": "0.951500000", "percentile": "0.988580000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41042", "epss": "0.000920000", "percentile": "0.377960000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41043", "epss": "0.000440000", "percentile": "0.083420000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41081", "epss": "0.021420000", "percentile": "0.874990000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41082", "epss": "0.970140000", "percentile": "0.995460000", "modified": "2023-03-19"}, {"cve": "CVE-2022-41083", "epss": "0.000480000", "percentile": "0.144810000", "modified": "2023-03-19"}], "vulnersScore": 1.6}, "_state": {"score": 1665527674, "dependencies": 1665527528, "epss": 1679305952}, "_internal": {"score_hash": "9b32d02f1f1bb61d658a48bde51f1fc0"}}

{"nessus": [{"lastseen": "2023-02-26T02:47:21", "description": "The remote Windows host is missing security update 5018419. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018419: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37970", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018419.NASL", "href": "https://www.tenable.com/plugins/nessus/166025", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166025);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37970\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37979\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37983\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37995\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38003\",\n \"CVE-2022-38016\",\n \"CVE-2022-38021\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38030\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38039\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38046\",\n \"CVE-2022-38047\",\n \"CVE-2022-38050\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018419\");\n script_xref(name:\"MSFT\", value:\"MS22-5018419\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018419: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018419. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018419\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018419\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018419'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:17763,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018419])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T20:39:13", "description": "The remote Windows host is missing security update 5018418. It is, therefore, affected by multiple vulnerabilities\n\n - Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability (CVE-2022-38036)\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018418: Windows 11 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37970", "CVE-2022-37973", "CVE-2022-37974", "CVE-2022-37975", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38025", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38036", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018418.NASL", "href": "https://www.tenable.com/plugins/nessus/166028", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166028);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37970\",\n \"CVE-2022-37973\",\n \"CVE-2022-37974\",\n \"CVE-2022-37975\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37979\",\n \"CVE-2022-37980\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37983\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37995\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37998\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38003\",\n \"CVE-2022-38016\",\n \"CVE-2022-38021\",\n \"CVE-2022-38022\",\n \"CVE-2022-38025\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38030\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38036\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38039\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38046\",\n \"CVE-2022-38047\",\n \"CVE-2022-38050\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018418\");\n script_xref(name:\"MSFT\", value:\"MS22-5018418\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018418: Windows 11 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018418. It is, therefore, affected by multiple vulnerabilities\n\n - Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability (CVE-2022-38036)\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018418\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018418\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018418'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:22000,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018418])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T16:31:15", "description": "The remote Windows host is missing security update 5018421. It is, therefore, affected by multiple vulnerabilities\n\n - Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability (CVE-2022-38036)\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018421: Windows Server 2022 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37970", "CVE-2022-37973", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38025", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38036", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018421.NASL", "href": "https://www.tenable.com/plugins/nessus/166032", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166032);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37970\",\n \"CVE-2022-37973\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37979\",\n \"CVE-2022-37980\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37983\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37995\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37998\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38003\",\n \"CVE-2022-38016\",\n \"CVE-2022-38021\",\n \"CVE-2022-38022\",\n \"CVE-2022-38025\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38030\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38036\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38039\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38046\",\n \"CVE-2022-38047\",\n \"CVE-2022-38050\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018421\");\n script_xref(name:\"MSFT\", value:\"MS22-5018421\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018421: Windows Server 2022 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018421. It is, therefore, affected by multiple vulnerabilities\n\n - Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability (CVE-2022-38036)\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018421\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018421\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018421'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:20348,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018421])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T16:31:44", "description": "The remote Windows host is missing security update 5018411. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018411: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018411.NASL", "href": "https://www.tenable.com/plugins/nessus/166039", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166039);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37979\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37995\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38003\",\n \"CVE-2022-38021\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018411\");\n script_xref(name:\"MSFT\", value:\"MS22-5018411\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018411: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018411. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018411\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018411\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018411'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:14393,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018411])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T12:44:46", "description": "The remote Windows host is missing security update 5018410. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018410: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37970", "CVE-2022-37973", "CVE-2022-37974", "CVE-2022-37975", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018410.NASL", "href": "https://www.tenable.com/plugins/nessus/166034", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166034);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37970\",\n \"CVE-2022-37973\",\n \"CVE-2022-37974\",\n \"CVE-2022-37975\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37979\",\n \"CVE-2022-37980\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37983\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37995\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37998\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38003\",\n \"CVE-2022-38016\",\n \"CVE-2022-38021\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38030\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38039\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38046\",\n \"CVE-2022-38047\",\n \"CVE-2022-38050\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018410\");\n script_xref(name:\"MSFT\", value:\"MS22-5018410\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018410: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018410. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018410\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018410\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018410'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nvar os_name = get_kb_item(\"SMB/ProductName\");\n\n\nif ( ( (\"enterprise\" >< tolower(os_name) || \"education\" >< tolower(os_name))\n &&\n smb_check_rollup(os:'10',\n os_build:19042,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018410]) \n )\n ||\n smb_check_rollup(os:'10',\n os_build:19043,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018410])\n || \n smb_check_rollup(os:'10',\n os_build:19044,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018410])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T15:06:15", "description": "The remote Windows host is missing security update 5018476. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018476: Windows Server 2012 R2 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018476.NASL", "href": "https://www.tenable.com/plugins/nessus/166030", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166030);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018474\");\n script_xref(name:\"MSKB\", value:\"5018476\");\n script_xref(name:\"MSFT\", value:\"MS22-5018474\");\n script_xref(name:\"MSFT\", value:\"MS22-5018476\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018476: Windows Server 2012 R2 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018476. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018474\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018476\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018476 or Cumulative Update 5018474\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018476',\n '5018474'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018476, 5018474])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T14:25:48", "description": "The remote Windows host is missing security update 5018446. It is, therefore, affected by multiple vulnerabilities\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\n - Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2022-37976)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018446: Windows Server 2008 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-24504", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38042", "CVE-2022-38044", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018446.NASL", "href": "https://www.tenable.com/plugins/nessus/166038", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166038);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-24504\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38042\",\n \"CVE-2022-38044\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018446\");\n script_xref(name:\"MSKB\", value:\"5018450\");\n script_xref(name:\"MSFT\", value:\"MS22-5018446\");\n script_xref(name:\"MSFT\", value:\"MS22-5018450\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018446: Windows Server 2008 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018446. It is, therefore, affected by multiple vulnerabilities\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\n - Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2022-37976)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018450\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018450\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018446 or Cumulative Update 5018450\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018450',\n '5018446'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018450, 5018446])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-27T02:49:48", "description": "The remote Windows host is missing security update 5018425. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018425: Windows 10 LTS 1507 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37975", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018425.NASL", "href": "https://www.tenable.com/plugins/nessus/166036", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166036);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37975\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37996\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018425\");\n script_xref(name:\"MSFT\", value:\"MS22-5018425\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018425: Windows 10 LTS 1507 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018425. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018425\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018425\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018425'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n os_build:10240,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018425])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T16:31:59", "description": "The remote Windows host is missing security update 5018478. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018478: Windows Server 2012 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018478.NASL", "href": "https://www.tenable.com/plugins/nessus/166029", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166029);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37965\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37984\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38027\",\n \"CVE-2022-38028\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38045\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018457\");\n script_xref(name:\"MSKB\", value:\"5018478\");\n script_xref(name:\"MSFT\", value:\"MS22-5018457\");\n script_xref(name:\"MSFT\", value:\"MS22-5018478\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018478: Windows Server 2012 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018478. It is, therefore, affected by multiple vulnerabilities\n\n - Server Service Remote Protocol Elevation of Privilege Vulnerability (CVE-2022-38045)\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018478\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018478 or Cumulative Update 5018457\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-38045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018478',\n '5018457'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018478, 5018457])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-25T14:25:48", "description": "The remote Windows host is missing security update 5018479. It is, therefore, affected by multiple vulnerabilities\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982, CVE-2022-38031)\n\n - Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2022-37976)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "KB5018479: Windows Server 2008 R2 Security Update (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-35770", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2023-02-09T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS22_OCT_5018479.NASL", "href": "https://www.tenable.com/plugins/nessus/166024", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166024);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/09\");\n\n script_cve_id(\n \"CVE-2022-22035\",\n \"CVE-2022-24504\",\n \"CVE-2022-30198\",\n \"CVE-2022-33634\",\n \"CVE-2022-33635\",\n \"CVE-2022-33645\",\n \"CVE-2022-35770\",\n \"CVE-2022-37975\",\n \"CVE-2022-37976\",\n \"CVE-2022-37977\",\n \"CVE-2022-37978\",\n \"CVE-2022-37981\",\n \"CVE-2022-37982\",\n \"CVE-2022-37985\",\n \"CVE-2022-37986\",\n \"CVE-2022-37987\",\n \"CVE-2022-37988\",\n \"CVE-2022-37989\",\n \"CVE-2022-37990\",\n \"CVE-2022-37991\",\n \"CVE-2022-37993\",\n \"CVE-2022-37994\",\n \"CVE-2022-37997\",\n \"CVE-2022-37999\",\n \"CVE-2022-38000\",\n \"CVE-2022-38022\",\n \"CVE-2022-38026\",\n \"CVE-2022-38029\",\n \"CVE-2022-38031\",\n \"CVE-2022-38032\",\n \"CVE-2022-38033\",\n \"CVE-2022-38034\",\n \"CVE-2022-38037\",\n \"CVE-2022-38038\",\n \"CVE-2022-38040\",\n \"CVE-2022-38041\",\n \"CVE-2022-38042\",\n \"CVE-2022-38043\",\n \"CVE-2022-38044\",\n \"CVE-2022-38047\",\n \"CVE-2022-38051\",\n \"CVE-2022-41033\",\n \"CVE-2022-41081\"\n );\n script_xref(name:\"MSKB\", value:\"5018454\");\n script_xref(name:\"MSKB\", value:\"5018479\");\n script_xref(name:\"MSFT\", value:\"MS22-5018454\");\n script_xref(name:\"MSFT\", value:\"MS22-5018479\");\n script_xref(name:\"IAVA\", value:\"2022-A-0408-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0409-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/11/01\");\n\n script_name(english:\"KB5018479: Windows Server 2008 R2 Security Update (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 5018479. It is, therefore, affected by multiple vulnerabilities\n\n - Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2022-38040)\n\n - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2022-37982,\n CVE-2022-38031)\n\n - Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2022-37976)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018454\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5018479\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018454\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/help/5018479\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Update 5018479 or Cumulative Update 5018454\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-38040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('smb_func.inc');\ninclude('smb_hotfixes.inc');\ninclude('smb_hotfixes_fcheck.inc');\ninclude('smb_reg_query.inc');\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS22-10';\nkbs = make_list(\n '5018479',\n '5018454'\n);\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'10_2022',\n bulletin:bulletin,\n rollup_kb_list:[5018479, 5018454])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:37", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 106.0.1370.34. It is, therefore, affected by multiple vulnerabilities as referenced in the October 3, 2022 advisory.\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-06T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 106.0.1370.34 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3304", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3313", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3370", "CVE-2022-3373", "CVE-2022-41035"], "modified": "2022-11-21T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_106_0_1370_34.NASL", "href": "https://www.tenable.com/plugins/nessus/165721", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165721);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/21\");\n\n script_cve_id(\"CVE-2022-3370\", \"CVE-2022-3373\");\n script_xref(name:\"IAVA\", value:\"2022-A-0396-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 106.0.1370.34 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 106.0.1370.34. It is, therefore, affected\nby multiple vulnerabilities as referenced in the October 3, 2022 advisory.\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-3-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2c48e7f3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3313\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41035\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 106.0.1370.34 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3311\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3373\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '106.0.1370.34' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:37:24", "description": "The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2013 (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server"], "id": "SMB_NT_MS22_OCT_OFFICE_SHAREPOINT_2013.NASL", "href": "https://www.tenable.com/plugins/nessus/166033", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166033);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\n \"CVE-2022-38053\",\n \"CVE-2022-41036\",\n \"CVE-2022-41037\",\n \"CVE-2022-41038\"\n );\n script_xref(name:\"MSKB\", value:\"5002284\");\n script_xref(name:\"MSFT\", value:\"MS22-5002284\");\n script_xref(name:\"IAVA\", value:\"2022-A-0407-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2013 (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2013 installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2013 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002284\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released the following security updates to address this issue: \n -KB5002219\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41038\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2013',\n 'edition' : 'Foundation',\n 'sp' : '1',\n 'kb' : '5002284',\n 'path' : app_info.hotfix_path,\n 'version' : '15.0.5493.1000',\n 'append' : 'microsoft shared\\\\web server extensions\\\\15\\\\bin',\n 'file' : 'onetutil.dll',\n 'product_name' : 'Microsoft Sharepoint Foundation 2013 SP1' \n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-10',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:34:05", "description": "The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server Subscription Edition (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server"], "id": "SMB_NT_MS22_OCT_OFFICE_SHAREPOINT_SUBSCR.NASL", "href": "https://www.tenable.com/plugins/nessus/166031", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166031);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\n \"CVE-2022-38053\",\n \"CVE-2022-41036\",\n \"CVE-2022-41037\",\n \"CVE-2022-41038\"\n );\n script_xref(name:\"MSKB\", value:\"5002290\");\n script_xref(name:\"MSFT\", value:\"MS22-5002290\");\n script_xref(name:\"IAVA\", value:\"2022-A-0407-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server Subscription Edition (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server Subscription Edition installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002290\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002290 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41038\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : 'Subscription Edition',\n 'edition' : 'Server',\n 'kb' : '5002290',\n 'path' : app_info.path,\n 'version' : '16.0.15601.20158',\n 'append' : 'webservices\\\\conversionservices',\n 'file' : 'pptconversion.dll',\n 'product_name' : 'Microsoft SharePoint Enterprise Server Subscription Edition'\n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-10',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:36:31", "description": "The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2016 (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server"], "id": "SMB_NT_MS22_OCT_OFFICE_SHAREPOINT_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/166023", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166023);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\n \"CVE-2022-38053\",\n \"CVE-2022-41036\",\n \"CVE-2022-41037\",\n \"CVE-2022-41038\"\n );\n script_xref(name:\"MSKB\", value:\"5002287\");\n script_xref(name:\"MSFT\", value:\"MS22-5002287\");\n script_xref(name:\"IAVA\", value:\"2022-A-0407-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2016 (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2016 installation on the remote host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002287\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002287 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41038\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2016',\n 'edition' : 'Server',\n 'kb' : '5002287',\n 'path' : app_info.path,\n 'version' : '16.0.5365.1000',\n 'append' : 'webservices\\\\conversionservices',\n 'file' : 'sword.dll',\n 'product_name' : 'Microsoft Sharepoint Enterprise Server 2016 SP1' \n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-10',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:37:25", "description": "The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft SharePoint Server 2019 (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server"], "id": "SMB_NT_MS22_OCT_OFFICE_SHAREPOINT_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/166026", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166026);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\n \"CVE-2022-38053\",\n \"CVE-2022-41036\",\n \"CVE-2022-41037\",\n \"CVE-2022-41038\"\n );\n script_xref(name:\"MSKB\", value:\"5002277\");\n script_xref(name:\"MSFT\", value:\"MS22-5002277\");\n script_xref(name:\"IAVA\", value:\"2022-A-0407-S\");\n\n script_name(english:\"Security Updates for Microsoft SharePoint Server 2019 (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft SharePoint Server 2019 installation on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. \nIt is, therefore, affected by a remote code execution vulnerability. An attacker can\nexploit this to bypass authentication and execute unauthorized arbitrary commands.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/5002277\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released KB5002277 to address this issue.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41038\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_sharepoint_installed.nbin\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::sharepoint::get_app_info();\nvar kb_checks = \n[\n {\n 'product' : '2019',\n 'edition' : 'Server',\n 'kb' : '5002277',\n 'path' : app_info.path,\n 'version' : '16.0.10391.20000',\n 'append' : 'bin',\n 'file' : 'ascalc.dll',\n 'product_name' : 'Microsoft SharePoint Enterprise Server 2019'\n }\n];\nvcf::microsoft::sharepoint::check_version_and_report\n(\n app_info:app_info, \n bulletin:'MS22-10',\n constraints:kb_checks, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-14T00:43:37", "description": "The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.72.1.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-41034)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2022-41042) \t\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2022-41083)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-12T00:00:00", "type": "nessus", "title": "Security Update for Microsoft Visual Studio Code (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-41034", "CVE-2022-41042", "CVE-2022-41083"], "modified": "2023-01-12T00:00:00", "cpe": ["cpe:/a:microsoft:visual_studio_code"], "id": "MICROSOFT_VISUAL_STUDIO_CODE_1_72_1.NASL", "href": "https://www.tenable.com/plugins/nessus/166053", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166053);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2022-41034\", \"CVE-2022-41042\", \"CVE-2022-41083\");\n script_xref(name:\"IAVA\", value:\"2022-A-0414-S\");\n\n script_name(english:\"Security Update for Microsoft Visual Studio Code (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an application installed that is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.72.1.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass \n authentication and execute unauthorized arbitrary commands. (CVE-2022-41034)\n\n - An information disclosure vulnerability. An attacker can exploit this to \n disclose potentially sensitive information. (CVE-2022-41042)\n\t\n - An elevation of privilege vulnerability. An attacker can exploit this to gain \n elevated privileges. (CVE-2022-41083)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported\nversion\");\n script_set_attribute(attribute:\"see_also\", value:\"https://code.visualstudio.com/updates/v1_72\");\n # https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41034\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2fb3e077\");\n # https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41042\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?31ae0010\");\n # https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41083\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fe661e93\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Visual Studio Code 1.72.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41042\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-41083\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:visual_studio_code\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"os_fingerprint.nasl\", \"microsoft_visual_studio_code_installed.nbin\", \"microsoft_visual_studio_code_win_user_installed.nbin\", \"microsoft_visual_studio_code_linux_installed.nbin\", \"macosx_microsoft_visual_studio_code_installed.nbin\");\n script_require_ports(\"installed_sw/Microsoft Visual Studio Code\", \"installed_sw/Visual Studio Code\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar os = get_kb_item_or_exit('Host/OS');\nvar app_info;\n\nif (tolower(os) =~ 'windows')\n{\n get_kb_item_or_exit('SMB/Registry/Enumerated');\n app_info = vcf::get_app_info(app:'Microsoft Visual Studio Code', win_local:TRUE);\n}\nelse if (tolower(os) =~ 'linux|mac os')\n{\n get_kb_item_or_exit('Host/local_checks_enabled');\n app_info = vcf::get_app_info(app:'Visual Studio Code');\n}\nelse\n{\n audit(AUDIT_OS_NOT,'affected');\n}\n\nvar constraints = [\n { 'fixed_version' : '1.72.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-23T17:40:12", "description": "The Microsoft Word Products are missing a security update. It is, therefore, affected by multiple remote code execution vulnerabilities. Unauthenticated attackers can exploit these to execute code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-12T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Word Products C2R (October 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38048", "CVE-2022-38049", "CVE-2022-41031"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/a:microsoft:word"], "id": "SMB_NT_MS22_OCT_WORD_C2R.NASL", "href": "https://www.tenable.com/plugins/nessus/166060", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc. \n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166060);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-38048\", \"CVE-2022-38049\", \"CVE-2022-41031\");\n script_xref(name:\"IAVA\", value:\"2022-A-0412-S\");\n\n script_name(english:\"Security Updates for Microsoft Word Products C2R (October 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Word Products are missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Word Products are missing a security update. It is, therefore, affected by multiple remote code execution\nvulnerabilities. Unauthenticated attackers can exploit these to execute code on the affected system.\");\n # https://learn.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates#october-11-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1217239b\");\n # https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd4508ff\");\n script_set_attribute(attribute:\"solution\", value:\n\"For Office 365, Office 2016 C2R, or Office 2019, ensure automatic\nupdates are enabled or open any office app and manually perform an\nupdate.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar bulletin = 'MS22-10';\n\nvar constraints = [\n {'fixed_version':'16.0.15629.20208','channel':'2016 Retail'},\n {'fixed_version':'16.0.15629.20208','channel':'Current'},\n {'fixed_version':'16.0.15601.20230','channel':'Enterprise Deferred','channel_version':'2208'},\n {'fixed_version':'16.0.15427.20308','channel':'Enterprise Deferred'},\n {'fixed_version':'16.0.15601.20230','channel':'First Release for Deferred'},\n {'fixed_version':'16.0.14931.20764','channel':'Deferred','channel_version':'2202'},\n {'fixed_version':'16.0.14326.21186','channel':'Deferred'},\n {'fixed_version':'16.0.12527.22239','channel':'Microsoft 365 Apps on Windows 7'},\n {'fixed_version':'16.0.15629.20208','channel':'2021 Retail'},\n {'fixed_version':'16.0.15629.20208','channel':'2019 Retail'},\n {'fixed_version':'16.0.14332.20400','channel':'LTSC 2021'},\n {'fixed_version':'16.0.10391.20029','channel':'2019 Volume'}\n];\n\nvcf::microsoft::office_product::check_version_and_report(\n constraints:constraints,\n severity:SECURITY_HOLE,\n bulletin:bulletin,\n subproduct:'Word'\n);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:35:03", "description": "The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-38048, CVE-2022-41031)\n\n - A information disclosure vulnerability in Excel. An attacker who exploited the vulnerability could use the information together with other vulnerabilities in order to compromise the user\u2019s computer or data. (CVE-2022-41043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-13T00:00:00", "type": "nessus", "title": "Security Updates for Microsoft Office Products (Oct 2022) (macOS)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-38048", "CVE-2022-41031", "CVE-2022-41043"], "modified": "2022-11-29T00:00:00", "cpe": ["cpe:/a:microsoft:office"], "id": "MACOS_MS22_OCT_OFFICE.NASL", "href": "https://www.tenable.com/plugins/nessus/166102", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc. \n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166102);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2022-38048\", \"CVE-2022-41031\", \"CVE-2022-41043\");\n script_xref(name:\"IAVA\", value:\"2022-A-0412-S\");\n\n script_name(english:\"Security Updates for Microsoft Office Products (Oct 2022) (macOS)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Office Products are affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple \nvulnerabilities:\n\n - A remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and \n execute unauthorized arbitrary commands. (CVE-2022-38048, CVE-2022-41031)\n\n - A information disclosure vulnerability in Excel. An attacker who exploited the vulnerability could use \n the information together with other vulnerabilities in order to compromise the user\u00e2\u0080\u0099s computer or data. \n (CVE-2022-41043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n # https://docs.microsoft.com/en-us/officeupdates/update-history-office-for-mac\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ed1b90\");\n # https://learn.microsoft.com/en-us/officeupdates/release-notes-office-for-mac#october-11-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2b57ae29\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Microsoft Office for Mac.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_office_installed.nbin\");\n script_require_keys(\"Host/MacOSX/Version\");\n script_require_ports(\"installed_sw/Microsoft Outlook\", \"installed_sw/Microsoft Excel\", \"installed_sw/Microsoft Word\", \"installed_sw/Microsoft PowerPoint\", \"installed_sw/Microsoft OneNote\");\n\n exit(0);\n}\n\ninclude('vcf_extras_office.inc');\n\nvar apps = make_list('Microsoft Outlook', 'Microsoft Excel', 'Microsoft Word',\n 'Microsoft PowerPoint','Microsoft OneNote');\n\nvar app_info = vcf::microsoft::office_for_mac::get_app_info(apps:apps);\n\nvar constraints = [\n {'min_version':'16.17.0', 'fixed_version':'16.66', 'fixed_display':'16.66 (22100900)'}\n];\n\nvcf::microsoft::office_for_mac::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE,\n os_min_lvl:'10.15.0'\n);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:33:37", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec advisory.\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-27T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3201", "CVE-2022-3304", "CVE-2022-3305", "CVE-2022-3306", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3309", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3312", "CVE-2022-3313", "CVE-2022-3314", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3318"], "modified": "2022-11-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18529CB03E9C11ED9BC73065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/165507", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165507);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/04\");\n\n script_cve_id(\n \"CVE-2022-3201\",\n \"CVE-2022-3304\",\n \"CVE-2022-3305\",\n \"CVE-2022-3306\",\n \"CVE-2022-3307\",\n \"CVE-2022-3308\",\n \"CVE-2022-3309\",\n \"CVE-2022-3310\",\n \"CVE-2022-3311\",\n \"CVE-2022-3312\",\n \"CVE-2022-3313\",\n \"CVE-2022-3314\",\n \"CVE-2022-3315\",\n \"CVE-2022-3316\",\n \"CVE-2022-3317\",\n \"CVE-2022-3318\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0388-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec advisory.\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97263b93\");\n # https://vuxml.freebsd.org/freebsd/18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1468f7a6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3318\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<106.0.5249.61'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:32:54", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5244 advisory.\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-30T00:00:00", "type": "nessus", "title": "Debian DSA-5244-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3201", "CVE-2022-3304", "CVE-2022-3305", "CVE-2022-3306", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3309", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3312", "CVE-2022-3313", "CVE-2022-3314", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3318"], "modified": "2022-11-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5244.NASL", "href": "https://www.tenable.com/plugins/nessus/165594", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5244. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165594);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/03\");\n\n script_cve_id(\n \"CVE-2022-3201\",\n \"CVE-2022-3304\",\n \"CVE-2022-3305\",\n \"CVE-2022-3306\",\n \"CVE-2022-3307\",\n \"CVE-2022-3308\",\n \"CVE-2022-3309\",\n \"CVE-2022-3310\",\n \"CVE-2022-3311\",\n \"CVE-2022-3312\",\n \"CVE-2022-3313\",\n \"CVE-2022-3314\",\n \"CVE-2022-3315\",\n \"CVE-2022-3316\",\n \"CVE-2022-3317\",\n \"CVE-2022-3318\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Debian DSA-5244-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5244 advisory.\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - Type confusion in Blink. (CVE-2022-3315)\n\n - Insufficient validation of untrusted input in Safe Browsing. (CVE-2022-3316)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3201\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3306\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3312\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3313\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3314\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 106.0.5249.61-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3318\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '106.0.5249.61-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '106.0.5249.61-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '106.0.5249.61-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '106.0.5249.61-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '106.0.5249.61-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '106.0.5249.61-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-25T16:34:03", "description": "The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_27 advisory.\n\n - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low) (CVE-2022-3318)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3201)\n\n - Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3304)\n\n - Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-27T00:00:00", "type": "nessus", "title": "Google Chrome < 106.0.5249.61 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3201", "CVE-2022-3304", "CVE-2022-3305", "CVE-2022-3306", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3309", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3312", "CVE-2022-3313", "CVE-2022-3314", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3318", "CVE-2022-3444"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "GOOGLE_CHROME_106_0_5249_61.NASL", "href": "https://www.tenable.com/plugins/nessus/165502", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165502);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2022-3201\",\n \"CVE-2022-3304\",\n \"CVE-2022-3305\",\n \"CVE-2022-3306\",\n \"CVE-2022-3307\",\n \"CVE-2022-3308\",\n \"CVE-2022-3309\",\n \"CVE-2022-3310\",\n \"CVE-2022-3311\",\n \"CVE-2022-3312\",\n \"CVE-2022-3313\",\n \"CVE-2022-3314\",\n \"CVE-2022-3315\",\n \"CVE-2022-3316\",\n \"CVE-2022-3317\",\n \"CVE-2022-3318\",\n \"CVE-2022-3444\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0379-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0388-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Google Chrome < 106.0.5249.61 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.61. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_27 advisory.\n\n - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a\n remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI\n interaction. (Chromium security severity: Low) (CVE-2022-3318)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3201)\n\n - Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3304)\n\n - Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97263b93\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1358907\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1343104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1319229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1320139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1323488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1342722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1348415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1240065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1303306\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1317904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1328708\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1322812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1333623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1300539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1318791\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 106.0.5249.61 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3318\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'106.0.5249.61', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-25T16:33:21", "description": "The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_27 advisory.\n\n - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low) (CVE-2022-3318)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3201)\n\n - Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3304)\n\n - Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-27T00:00:00", "type": "nessus", "title": "Google Chrome < 106.0.5249.61 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3201", "CVE-2022-3304", "CVE-2022-3305", "CVE-2022-3306", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3309", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3312", "CVE-2022-3313", "CVE-2022-3314", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3318", "CVE-2022-3444"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "MACOSX_GOOGLE_CHROME_106_0_5249_61.NASL", "href": "https://www.tenable.com/plugins/nessus/165503", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165503);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2022-3201\",\n \"CVE-2022-3304\",\n \"CVE-2022-3305\",\n \"CVE-2022-3306\",\n \"CVE-2022-3307\",\n \"CVE-2022-3308\",\n \"CVE-2022-3309\",\n \"CVE-2022-3310\",\n \"CVE-2022-3311\",\n \"CVE-2022-3312\",\n \"CVE-2022-3313\",\n \"CVE-2022-3314\",\n \"CVE-2022-3315\",\n \"CVE-2022-3316\",\n \"CVE-2022-3317\",\n \"CVE-2022-3318\",\n \"CVE-2022-3444\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0379-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0388-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Google Chrome < 106.0.5249.61 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.61. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_27 advisory.\n\n - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a\n remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI\n interaction. (Chromium security severity: Low) (CVE-2022-3318)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3201)\n\n - Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3304)\n\n - Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3307)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97263b93\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1358907\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1343104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1319229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1320139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1323488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1342722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1348415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1240065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1303306\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1317904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1328708\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1322812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1333623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1300539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1318791\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 106.0.5249.61 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3318\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3315\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'106.0.5249.61', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:36:25", "description": "The remote host is affected by the vulnerability described in GLSA-202210-16 (Chromium, Google Chrome, Microsoft Edge:\nMultiple Vulnerabilities)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability. (CVE-2022-41035)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. (CVE-2022-3315, CVE-2022-3316, CVE-2022-3370, CVE-2022-3373)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\n - Use after free in Skia. (CVE-2022-3445)\n\n - Heap buffer overflow in WebSQL. (CVE-2022-3446)\n\n - Inappropriate implementation in Custom Tabs. (CVE-2022-3447)\n\n - Use after free in Permissions API. (CVE-2022-3448)\n\n - Use after free in Safe Browsing. (CVE-2022-3449)\n\n - Use after free in Peer Connection. (CVE-2022-3450)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-31T00:00:00", "type": "nessus", "title": "GLSA-202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3201", "CVE-2022-3304", "CVE-2022-3305", "CVE-2022-3306", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3309", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3312", "CVE-2022-3313", "CVE-2022-3314", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-3318", "CVE-2022-3370", "CVE-2022-3373", "CVE-2022-3445", "CVE-2022-3446", "CVE-2022-3447", "CVE-2022-3448", "CVE-2022-3449", "CVE-2022-3450", "CVE-2022-41035"], "modified": "2022-10-31T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:chromium-bin", "p-cpe:/a:gentoo:linux:google-chrome", "p-cpe:/a:gentoo:linux:microsoft-edge", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202210-16.NASL", "href": "https://www.tenable.com/plugins/nessus/166728", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202210-16.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166728);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/31\");\n\n script_cve_id(\n \"CVE-2022-3201\",\n \"CVE-2022-3304\",\n \"CVE-2022-3305\",\n \"CVE-2022-3306\",\n \"CVE-2022-3307\",\n \"CVE-2022-3308\",\n \"CVE-2022-3309\",\n \"CVE-2022-3310\",\n \"CVE-2022-3311\",\n \"CVE-2022-3312\",\n \"CVE-2022-3313\",\n \"CVE-2022-3314\",\n \"CVE-2022-3315\",\n \"CVE-2022-3316\",\n \"CVE-2022-3317\",\n \"CVE-2022-3318\",\n \"CVE-2022-3370\",\n \"CVE-2022-3373\",\n \"CVE-2022-3445\",\n \"CVE-2022-3446\",\n \"CVE-2022-3447\",\n \"CVE-2022-3448\",\n \"CVE-2022-3449\",\n \"CVE-2022-3450\",\n \"CVE-2022-41035\"\n );\n\n script_name(english:\"GLSA-202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202210-16 (Chromium, Google Chrome, Microsoft Edge:\nMultiple Vulnerabilities)\n\n - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to\n 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass\n navigation restrictions via a crafted HTML page. (CVE-2022-3201)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability. (CVE-2022-41035)\n\n - Use after free in CSS. (CVE-2022-3304)\n\n - Use after free in Survey. (CVE-2022-3305, CVE-2022-3306)\n\n - Use after free in Media. (CVE-2022-3307)\n\n - Insufficient policy enforcement in Developer Tools. (CVE-2022-3308)\n\n - Use after free in Assistant. (CVE-2022-3309)\n\n - Insufficient policy enforcement in Custom Tabs. (CVE-2022-3310)\n\n - Use after free in Import. (CVE-2022-3311)\n\n - Insufficient validation of untrusted input in VPN. (CVE-2022-3312)\n\n - Incorrect security UI in Full Screen. (CVE-2022-3313)\n\n - Use after free in Logging. (CVE-2022-3314)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this\n vulnerability. Please see Google Chrome Releases for more information. (CVE-2022-3315, CVE-2022-3316,\n CVE-2022-3370, CVE-2022-3373)\n\n - Insufficient validation of untrusted input in Intents. (CVE-2022-3317)\n\n - Use after free in ChromeOS Notifications. (CVE-2022-3318)\n\n - Use after free in Skia. (CVE-2022-3445)\n\n - Heap buffer overflow in WebSQL. (CVE-2022-3446)\n\n - Inappropriate implementation in Custom Tabs. (CVE-2022-3447)\n\n - Use after free in Permissions API. (CVE-2022-3448)\n\n - Use after free in Safe Browsing. (CVE-2022-3449)\n\n - Use after free in Peer Connection. (CVE-2022-3450)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202210-16\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=873217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=873817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=874855\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=876855\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-106.0.5249.119\n \nAll Chromium binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-bin-106.0.5249.119\n \nAll Google Chrome users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/google-chrome-106.0.5249.119\n \nAll Microsoft Edge users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/microsoft-edge-106.0.1370.37\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3450\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-41035\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:microsoft-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'www-client/chromium',\n 'unaffected' : make_list(\"ge 106.0.5249.119\", \"lt 106.0.0\"),\n 'vulnerable' : make_list(\"lt 106.0.5249.119\")\n },\n {\n 'name' : 'www-client/chromium-bin',\n 'unaffected' : make_list(\"ge 106.0.5249.119\", \"lt 106.0.0\"),\n 'vulnerable' : make_list(\"lt 106.0.5249.119\")\n },\n {\n 'name' : 'www-client/google-chrome',\n 'unaffected' : make_list(\"ge 106.0.5249.119\", \"lt 106.0.0\"),\n 'vulnerable' : make_list(\"lt 106.0.5249.119\")\n },\n {\n 'name' : 'www-client/microsoft-edge',\n 'unaffected' : make_list(\"ge 106.0.1370.37\", \"lt 106.0.0\"),\n 'vulnerable' : make_list(\"lt 106.0.1370.37\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n# This plugin has a different number of unaffected and vulnerable versions for\n# one or more packages. To ensure proper detection, a separate line should be \n# used for each fixed/vulnerable version pair.\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Chromium / Google Chrome / Microsoft Edge');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-09T02:44:58", "description": "This plugin detects the potential presence of a web shell in selected directories and this can be indicative that the host might have been exploited with CVE-2022-41040 / CVE-2022-41082. It is recommended that the results are manually verified and appropriate remediation actions taken.\n\nNote that Nessus has not tested for this issue but has instead looked for files that could potentially indicate compromise.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-03T00:00:00", "type": "nessus", "title": "Potential exposure to Microsoft Exchange CVE-2022-41040 / CVE-2022-41082 Exploit", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2023-03-08T00:00:00", "cpe": ["cpe:/a:microsoft:exchange_server"], "id": "EXCHANGE_CVE-2022-41040_IOC.NBIN", "href": "https://www.tenable.com/plugins/nessus/165629", "sourceData": "Binary data exchange_cve-2022-41040_ioc.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-13T00:56:38", "description": "The Microsoft Exchange Server installed on the remote host is potentially affected by multiple zero-day vulnerabilities, dubbed ProxyNotShell:\n\n - An unspecified authenticated server-side request forgery (SSRF) vulnerability. (CVE-2022-41040)\n\n - An unspecified authenticated remote code execution (RCE) vulnerability when PowerShell is accessible to the attacker. (CVE-2022-41082)\n\nPlease refer to Microsoft for guidance on mitigations for these vulnerabilities.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-05T00:00:00", "type": "nessus", "title": "Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2023-01-12T00:00:00", "cpe": ["cpe:/a:microsoft:exchange_server"], "id": "SMB_NT_MS22_OCT_EXCHANGE_ZERODAY.NASL", "href": "https://www.tenable.com/plugins/nessus/165705", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc. \n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165705);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2022-41040\", \"CVE-2022-41082\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/10/21\");\n script_xref(name:\"IAVA\", value:\"2022-A-0474-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0031\");\n\n script_name(english:\"Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Microsoft Exchange Server installed on the remote host is potentially affected by multiple zero-day vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft Exchange Server installed on the remote host is potentially affected by multiple zero-day\nvulnerabilities, dubbed ProxyNotShell:\n\n - An unspecified authenticated server-side request forgery (SSRF) vulnerability. (CVE-2022-41040)\n\n - An unspecified authenticated remote code execution (RCE) vulnerability when PowerShell is accessible to the\n attacker. (CVE-2022-41082)\n\nPlease refer to Microsoft for guidance on mitigations for these vulnerabilities.\");\n # https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?57fc3035\");\n # https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41082-proxyshell-variant-exploited-in-the-wild\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c7cacb5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://community.tenable.com/s/feed/0D53a00008oIvkYCAS\");\n script_set_attribute(attribute:\"solution\", value:\n\"Contact Microsoft for patching guidance.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41082\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Exchange ProxyNotShell RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:exchange_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ms_bulletin_checks_possible.nasl\", \"microsoft_exchange_installed.nbin\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude('vcf_extras_microsoft.inc');\n\nvar app_info = vcf::microsoft::exchange::get_app_info();\n\nvar constraints =\n[\n {\n 'product' : '2013',\n 'cu': 23,\n 'unsupported_cu': 22,\n 'fixed_version': '15.0.1497.42.1',\n 'fixed_display': 'Contact Microsoft for patching guidance.'\n },\n {\n 'product' : '2016',\n 'cu': 22,\n 'unsupported_cu': 21,\n 'fixed_version': '15.1.2375.32.1',\n 'fixed_display': 'Contact Microsoft for patching guidance.'\n },\n {\n 'product': '2016',\n 'cu': 23,\n 'unsupported_cu': 21,\n 'fixed_version': '15.1.2507.13.1',\n 'fixed_display': 'Contact Microsoft for patching guidance.'\n },\n {\n 'product' : '2019',\n 'cu': 11,\n 'unsupported_cu': 10,\n 'fixed_version': '15.2.986.36',\n 'fixed_display': 'Contact Microsoft for patching guidance.'\n },\n {\n 'product' : '2019',\n 'cu': 12,\n 'unsupported_cu': 10,\n 'fixed_version': '15.2.1118.15.1',\n 'fixed_display': 'Contact Microsoft for patching guidance.'\n }\n];\n\nvcf::microsoft::exchange::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:30:42", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5245 advisory.\n\n - Use after free in Custom Elements. (CVE-2022-3370)\n\n - Out of bounds write in V8. (CVE-2022-3373)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-03T00:00:00", "type": "nessus", "title": "Debian DSA-5245-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3370", "CVE-2022-3373"], "modified": "2022-11-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5245.NASL", "href": "https://www.tenable.com/plugins/nessus/165625", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5245. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165625);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/02\");\n\n script_cve_id(\"CVE-2022-3370\", \"CVE-2022-3373\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Debian DSA-5245-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5245 advisory.\n\n - Use after free in Custom Elements. (CVE-2022-3370)\n\n - Out of bounds write in V8. (CVE-2022-3373)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 106.0.5249.91-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3370\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3373\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '106.0.5249.91-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '106.0.5249.91-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '106.0.5249.91-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '106.0.5249.91-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '106.0.5249.91-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '106.0.5249.91-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-25T10:49:11", "description": "The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.91. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3370)\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-30T00:00:00", "type": "nessus", "title": "Google Chrome < 106.0.5249.91 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3370", "CVE-2022-3373"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "GOOGLE_CHROME_106_0_5249_91.NASL", "href": "https://www.tenable.com/plugins/nessus/165590", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165590);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-3370\", \"CVE-2022-3373\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Google Chrome < 106.0.5249.91 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.91. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n (CVE-2022-3370)\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an\n out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6ee6bb19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1366813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1366399\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 106.0.5249.91 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3370\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3373\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'106.0.5249.91', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-25T08:15:04", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d459c914-4100-11ed-9bc7-3065ec8fd3ec advisory.\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3370)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-30T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (d459c914-4100-11ed-9bc7-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3370", "CVE-2022-3373"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "p-cpe:2.3:a:freebsd:freebsd:chromium:*:*:*:*:*:*:*"], "id": "FREEBSD_PKG_D459C914410011ED9BC73065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/165603", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165603);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-3370\", \"CVE-2022-3373\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (d459c914-4100-11ed-9bc7-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the d459c914-4100-11ed-9bc7-3065ec8fd3ec advisory.\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an\n out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n (CVE-2022-3370)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6ee6bb19\");\n # https://vuxml.freebsd.org/freebsd/d459c914-4100-11ed-9bc7-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?abddf888\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3373\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<106.0.5249.91'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-25T21:11:32", "description": "The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.91. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3370)\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-30T00:00:00", "type": "nessus", "title": "Google Chrome < 106.0.5249.91 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3370", "CVE-2022-3373"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"], "id": "MACOSX_GOOGLE_CHROME_106_0_5249_91.NASL", "href": "https://www.tenable.com/plugins/nessus/165589", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165589);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-3370\", \"CVE-2022-3373\");\n script_xref(name:\"IAVA\", value:\"2022-A-0394-S\");\n\n script_name(english:\"Google Chrome < 106.0.5249.91 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.91. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n (CVE-2022-3370)\n\n - Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an\n out of bounds memory write via a crafted HTML page. (Chromium security severity: High) (CVE-2022-3373)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6ee6bb19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1366813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1366399\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 106.0.5249.91 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3370\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3373\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'106.0.5249.91', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:34:09", "description": "The Azure Service Fabric installed on the remote host is affected by a spoofing vulnerability. A remote, authenticated attacker can exploit this to compromise confidentiality.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T00:00:00", "type": "nessus", "title": "Azure Service Fabric Explorer Spoofing (Oct 2022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-35829"], "modified": "2022-11-28T00:00:00", "cpe": ["cpe:/a:microsoft:azure_service_fabric"], "id": "SMB_NT_MS22_OCT_AZURE_SERVICE_FABRIC_EXPLORER.NASL", "href": "https://www.tenable.com/plugins/nessus/166536", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166536);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/28\");\n\n script_cve_id(\"CVE-2022-35829\");\n\n script_name(english:\"Azure Service Fabric Explorer Spoofing (Oct 2022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Azure Service Fabric installed on the remote host is affected by a spoofing vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Azure Service Fabric installed on the remote host is affected by a spoofing vulnerability. A remote,\nauthenticated attacker can exploit this to compromise confidentiality.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35829\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f31120e\");\n # https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-versions\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?477258c9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to version 9.0 CU4 (9.0.1121.9590) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-35829\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:azure_service_fabric\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_azure_service_fabric_web_detect.nbin\", \"microsoft_azure_service_fabric_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Azure Service Fabric\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar appname = 'Microsoft Azure Service Fabric';\n\nvar app_info = vcf::combined_get_app_info(app:appname);\n\nvar constraints = [\n { 'fixed_version' : '9.0.1121.9590' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2022-12-05T22:10:54", "description": "### *Detect date*:\n10/11/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, cause denial of service, execute arbitrary code, bypass security restrictions.\n\n### *Affected products*:\nWindows Server 2012 \nWindows 8.1 for 32-bit systems \nWindows 10 Version 21H2 for ARM64-based Systems \nWindows 10 Version 21H2 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 21H1 for ARM64-based Systems \nWindows 11 Version 22H2 for ARM64-based Systems \nWindows 10 Version 21H1 for x64-based Systems \nWindows Server 2019 \nWindows 10 Version 21H2 for 32-bit Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows Server 2016 (Server Core installation) \nWindows Server 2022 \nWindows Server 2022 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 10 for x64-based Systems \nWindows Server 2012 R2 \nWindows 11 for ARM64-based Systems \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 21H1 for 32-bit Systems \nWindows RT 8.1 \nWindows 10 Version 20H2 for 32-bit Systems \nWindows Server 2016 \nWindows 10 Version 1607 for x64-based Systems \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 11 for x64-based Systems \nWindows 10 for 32-bit Systems \nWindows 8.1 for x64-based systems \nWindows 11 Version 22H2 for x64-based Systems\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-38029](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38029>) \n[CVE-2022-34689](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34689>) \n[CVE-2022-37985](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37985>) \n[CVE-2022-37975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37975>) \n[CVE-2022-37996](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37996>) \n[CVE-2022-38050](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38050>) \n[CVE-2022-37965](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37965>) \n[CVE-2022-37983](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37983>) \n[CVE-2022-38042](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38042>) \n[CVE-2022-37984](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37984>) \n[CVE-2022-37981](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37981>) \n[CVE-2022-24504](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24504>) \n[CVE-2022-33634](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33634>) \n[CVE-2022-37990](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37990>) \n[CVE-2022-38046](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38046>) \n[CVE-2022-38003](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38003>) \n[CVE-2022-38038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38038>) \n[CVE-2022-37979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37979>) \n[CVE-2022-37998](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37998>) \n[CVE-2022-37991](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37991>) \n[CVE-2022-37993](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37993>) \n[CVE-2022-38041](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38041>) \n[CVE-2022-38030](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38030>) \n[CVE-2022-38027](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38027>) \n[CVE-2022-33645](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33645>) \n[CVE-2022-38034](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38034>) \n[CVE-2022-37977](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37977>) \n[CVE-2022-38033](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38033>) \n[CVE-2022-38037](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38037>) \n[CVE-2022-38028](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028>) \n[CVE-2022-38000](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38000>) \n[CVE-2022-37989](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37989>) \n[CVE-2022-37978](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37978>) \n[CVE-2022-41033](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41033>) \n[CVE-2022-37994](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994>) \n[CVE-2022-37974](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37974>) \n[CVE-2022-38021](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38021>) \n[CVE-2022-37999](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37999>) \n[CVE-2022-37973](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37973>) \n[CVE-2022-38032](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38032>) \n[CVE-2022-38045](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38045>) \n[CVE-2022-38051](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38051>) \n[CVE-2022-37976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37976>) \n[CVE-2022-38047](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38047>) \n[CVE-2022-38044](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38044>) \n[CVE-2022-38040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38040>) \n[CVE-2022-37970](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37970>) \n[CVE-2022-37982](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37982>) \n[CVE-2022-38025](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38025>) \n[CVE-2022-37997](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37997>) \n[CVE-2022-38016](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38016>) \n[CVE-2022-33635](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33635>) \n[CVE-2022-22035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22035>) \n[CVE-2022-37980](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37980>) \n[CVE-2022-38043](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38043>) \n[CVE-2022-37995](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37995>) \n[CVE-2022-37988](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37988>) \n[CVE-2022-38026](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38026>) \n[CVE-2022-30198](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30198>) \n[CVE-2022-38022](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38022>) \n[CVE-2022-37986](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37986>) \n[CVE-2022-38039](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38039>) \n[CVE-2022-38036](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38036>) \n[CVE-2022-41081](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41081>) \n[CVE-2022-37987](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37987>) \n[CVE-2022-38031](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38031>) \n[CVE-2022-35770](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35770>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *KB list*:\n[5016627](<http://support.microsoft.com/kb/5016627>) \n[5016672](<http://support.microsoft.com/kb/5016672>) \n[5016622](<http://support.microsoft.com/kb/5016622>) \n[5016683](<http://support.microsoft.com/kb/5016683>) \n[5016639](<http://support.microsoft.com/kb/5016639>) \n[5016616](<http://support.microsoft.com/kb/5016616>) \n[5016623](<http://support.microsoft.com/kb/5016623>) \n[5016684](<http://support.microsoft.com/kb/5016684>) \n[5016681](<http://support.microsoft.com/kb/5016681>) \n[5016629](<http://support.microsoft.com/kb/5016629>) \n[5018474](<http://support.microsoft.com/kb/5018474>) \n[5018478](<http://support.microsoft.com/kb/5018478>) \n[5018418](<http://support.microsoft.com/kb/5018418>) \n[5018476](<http://support.microsoft.com/kb/5018476>) \n[5018427](<http://support.microsoft.com/kb/5018427>) \n[5018457](<http://support.microsoft.com/kb/5018457>) \n[5018410](<http://support.microsoft.com/kb/5018410>) \n[5018425](<http://support.microsoft.com/kb/5018425>) \n[5018421](<http://support.microsoft.com/kb/5018421>) \n[5018411](<http://support.microsoft.com/kb/5018411>) \n[5018419](<http://support.microsoft.com/kb/5018419>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "kaspersky", "title": "KLA20000 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-34689", "CVE-2022-35770", "CVE-2022-37965", "CVE-2022-37970", "CVE-2022-37973", "CVE-2022-37974", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37979", "CVE-2022-37980", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37983", "CVE-2022-37984", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37995", "CVE-2022-37996", "CVE-2022-37997", "CVE-2022-37998", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38003", "CVE-2022-38016", "CVE-2022-38021", "CVE-2022-38022", "CVE-2022-38025", "CVE-2022-38026", "CVE-2022-38027", "CVE-2022-38028", "CVE-2022-38029", "CVE-2022-38030", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38036", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38045", "CVE-2022-38046", "CVE-2022-38047", "CVE-2022-38050", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2022-10-12T00:00:00", "id": "KLA20000", "href": "https://threats.kaspersky.com/en/vulnerability/KLA20000/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-12T16:51:14", "description": "### *Detect date*:\n10/11/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nWindows 7 for 32-bit Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 for x64-based Systems Service Pack 2\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-41033](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41033>) \n[CVE-2022-38029](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38029>) \n[CVE-2022-37994](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994>) \n[CVE-2022-34689](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34689>) \n[CVE-2022-37985](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37985>) \n[CVE-2022-37975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37975>) \n[CVE-2022-37999](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37999>) \n[CVE-2022-38032](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38032>) \n[CVE-2022-38051](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38051>) \n[CVE-2022-37976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37976>) \n[CVE-2022-38042](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38042>) \n[CVE-2022-38047](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38047>) \n[CVE-2022-38044](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38044>) \n[CVE-2022-37981](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37981>) \n[CVE-2022-24504](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24504>) \n[CVE-2022-38040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38040>) \n[CVE-2022-33634](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33634>) \n[CVE-2022-37990](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37990>) \n[CVE-2022-37982](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37982>) \n[CVE-2022-37997](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37997>) \n[CVE-2022-33635](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33635>) \n[CVE-2022-22035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22035>) \n[CVE-2022-38038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38038>) \n[CVE-2022-38043](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38043>) \n[CVE-2022-37988](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37988>) \n[CVE-2022-37991](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37991>) \n[CVE-2022-37993](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37993>) \n[CVE-2022-38026](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38026>) \n[CVE-2022-38041](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38041>) \n[CVE-2022-30198](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30198>) \n[CVE-2022-33645](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33645>) \n[CVE-2022-38034](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38034>) \n[CVE-2022-37977](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37977>) \n[CVE-2022-38033](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38033>) \n[CVE-2022-38022](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38022>) \n[CVE-2022-37986](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37986>) \n[CVE-2022-38037](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38037>) \n[CVE-2022-41081](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41081>) \n[CVE-2022-37987](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37987>) \n[CVE-2022-38031](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38031>) \n[CVE-2022-38000](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38000>) \n[CVE-2022-35770](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35770>) \n[CVE-2022-37989](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37989>) \n[CVE-2022-37978](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37978>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *KB list*:\n[5016622](<http://support.microsoft.com/kb/5016622>) \n[5016686](<http://support.microsoft.com/kb/5016686>) \n[5016669](<http://support.microsoft.com/kb/5016669>) \n[5016679](<http://support.microsoft.com/kb/5016679>) \n[5016676](<http://support.microsoft.com/kb/5016676>) \n[5018446](<http://support.microsoft.com/kb/5018446>) \n[5018479](<http://support.microsoft.com/kb/5018479>) \n[5018450](<http://support.microsoft.com/kb/5018450>) \n[5018454](<http://support.microsoft.com/kb/5018454>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "kaspersky", "title": "KLA20001 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-33635", "CVE-2022-33645", "CVE-2022-34689", "CVE-2022-35770", "CVE-2022-37975", "CVE-2022-37976", "CVE-2022-37977", "CVE-2022-37978", "CVE-2022-37981", "CVE-2022-37982", "CVE-2022-37985", "CVE-2022-37986", "CVE-2022-37987", "CVE-2022-37988", "CVE-2022-37989", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37997", "CVE-2022-37999", "CVE-2022-38000", "CVE-2022-38022", "CVE-2022-38026", "CVE-2022-38029", "CVE-2022-38031", "CVE-2022-38032", "CVE-2022-38033", "CVE-2022-38034", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38040", "CVE-2022-38041", "CVE-2022-38042", "CVE-2022-38043", "CVE-2022-38044", "CVE-2022-38047", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41081"], "modified": "2022-10-12T00:00:00", "id": "KLA20001", "href": "https://threats.kaspersky.com/en/vulnerability/KLA20001/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-12T16:51:13", "description": "### *Detect date*:\n10/11/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information.\n\n### *Affected products*:\nMicrosoft Office LTSC 2021 for 64-bit editions \nMicrosoft Office LTSC 2021 for 32-bit editions \nMicrosoft SharePoint Enterprise Server 2013 Service Pack 1 \nMicrosoft Office 2013 RT Service Pack 1 \nMicrosoft Office 2016 (32-bit edition) \nMicrosoft SharePoint Foundation 2013 Service Pack 1 \nMicrosoft SharePoint Server Subscription Edition \nMicrosoft Office 2016 (64-bit edition) \nMicrosoft 365 Apps for Enterprise for 64-bit Systems \nMicrosoft SharePoint Enterprise Server 2016 \nMicrosoft Office 2013 Service Pack 1 (32-bit editions) \nMicrosoft Office 2019 for Mac \nMicrosoft Office LTSC for Mac 2021 \nMicrosoft SharePoint Server 2019 \nMicrosoft Office 2019 for 32-bit editions \nMicrosoft 365 Apps for Enterprise for 32-bit Systems \nMicrosoft Office 2019 for 64-bit editions \nMicrosoft Office 2013 Service Pack 1 (64-bit editions)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-41036](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41036>) \n[CVE-2022-38001](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38001>) \n[CVE-2022-41037](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41037>) \n[CVE-2022-38048](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38048>) \n[CVE-2022-41031](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41031>) \n[CVE-2022-38053](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38053>) \n[CVE-2022-38049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38049>) \n[CVE-2022-41043](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41043>) \n[CVE-2022-41038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41038>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *KB list*:\n[5002279](<http://support.microsoft.com/kb/5002279>) \n[5002287](<http://support.microsoft.com/kb/5002287>) \n[5002278](<http://support.microsoft.com/kb/5002278>) \n[5002283](<http://support.microsoft.com/kb/5002283>) \n[5002026](<http://support.microsoft.com/kb/5002026>) \n[5002290](<http://support.microsoft.com/kb/5002290>) \n[5002288](<http://support.microsoft.com/kb/5002288>) \n[5002284](<http://support.microsoft.com/kb/5002284>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "kaspersky", "title": "KLA20002 Multiple vulnerabilities in Microsoft Office", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-38001", "CVE-2022-38048", "CVE-2022-38049", "CVE-2022-38053", "CVE-2022-41031", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038", "CVE-2022-41043"], "modified": "2022-10-12T00:00:00", "id": "KLA20002", "href": "https://threats.kaspersky.com/en/vulnerability/KLA20002/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T17:23:16", "description": "### *Detect date*:\n10/03/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option) \n[Microsoft Edge update settings](<https://support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1>)\n\n### *Original advisories*:\n[CVE-2022-3311](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3311>) \n[CVE-2022-41035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41035>) \n[CVE-2022-3317](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3317>) \n[CVE-2022-3316](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3316>) \n[CVE-2022-3307](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3307>) \n[CVE-2022-3313](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3313>) \n[CVE-2022-3304](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3304>) \n[CVE-2022-3315](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3315>) \n[CVE-2022-3308](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3308>) \n[CVE-2022-3310](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3310>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *CVE-IDS*:\n[CVE-2022-3311](<https://vulners.com/cve/CVE-2022-3311>)5.0Critical \n[CVE-2022-3307](<https://vulners.com/cve/CVE-2022-3307>)5.0Critical \n[CVE-2022-3308](<https://vulners.com/cve/CVE-2022-3308>)5.0Critical \n[CVE-2022-3317](<https://vulners.com/cve/CVE-2022-3317>)5.0Critical \n[CVE-2022-3310](<https://vulners.com/cve/CVE-2022-3310>)5.0Critical \n[CVE-2022-3304](<https://vulners.com/cve/CVE-2022-3304>)5.0Critical \n[CVE-2022-3315](<https://vulners.com/cve/CVE-2022-3315>)5.0Critical \n[CVE-2022-3316](<https://vulners.com/cve/CVE-2022-3316>)5.0Critical \n[CVE-2022-3313](<https://vulners.com/cve/CVE-2022-3313>)5.0Critical \n[CVE-2022-41035](<https://vulners.com/cve/CVE-2022-41035>)5.0Critical\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-03T00:00:00", "type": "kaspersky", "title": "KLA19267 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3304", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3313", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-41035"], "modified": "2023-03-28T00:00:00", "id": "KLA19267", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19267/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-12T16:51:07", "description": "### *Detect date*:\n10/11/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.\n\n### *Affected products*:\nVisual Studio 2022 for Mac version 17.3 \nMicrosoft Visual Studio 2022 version 17.0 \nMicrosoft Visual Studio 2022 version 17.3 \nVisual Studio Code \nJupyter Extension for Visual Studio Code \nMicrosoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) \n.NET Core 3.1 \nMicrosoft Visual Studio 2022 version 17.2 \n.NET 6.0 \nMicrosoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-41034](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41034>) \n[CVE-2022-41083](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41083>) \n[CVE-2022-41032](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41032>) \n[CVE-2022-41042](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41042>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Visual Studio](<https://threats.kaspersky.com/en/product/Microsoft-Visual-Studio/>)\n\n### *KB list*:\n[5019351](<http://support.microsoft.com/kb/5019351>) \n[5019349](<http://support.microsoft.com/kb/5019349>)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T00:00:00", "type": "kaspersky", "title": "KLA20005 Multiple vulnerabilities in Microsoft Developer Tools", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41032", "CVE-2022-41034", "CVE-2022-41042", "CVE-2022-41083"], "modified": "2022-10-12T00:00:00", "id": "KLA20005", "href": "https://threats.kaspersky.com/en/vulnerability/KLA20005/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-12T16:51:09", "description": "### *Detect date*:\n10/11/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.\n\n### *Affected products*:\nAzure Service Fabric Explorer \nAzure Arc-enabled Kubernetes cluster 1.8.11 \nAzure StorSimple 8000 Series \nAzure Arc-enabled Kubernetes cluster 1.5.8 \nAzure Arc-enabled Kubernetes cluster 1.7.18 \nAzure Arc-enabled Kubernetes cluster 1.6.19 \nAzure Stack Edge\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-37968](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37968>) \n[CVE-2022-38017](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38017>) \n[CVE-2022-35829](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35829>) \n\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-10-11T00:00:00", "type": "kaspersky", "title": "KLA20004 Multiple vulnerabilities in Microsoft Azure", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-35829", "CVE-2022-37968", "CVE-2022-38017"], "modified": "2022-10-12T00:00:00", "id": "KLA20004", "href": "https://threats.kaspersky.com/en/vulnerability/KLA20004/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-08T15:37:55", "description": "### *Detect date*:\n09/30/2022\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Exchange Server 2016 Cumulative Update 23 \nMicrosoft Exchange Server 2016 Cumulative Update 22 \nMicrosoft Exchange Server 2019 Cumulative Update 11 \nMicrosoft Exchange Server 2019 Cumulative Update 12 \nMicrosoft Exchange Server 2013 Cumulative Update 23\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>) \n[CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Exchange Server](<https://threats.kaspersky.com/en/product/Microsoft-Exchange-Server/>)\n\n### *CVE-IDS*:\n[CVE-2022-41040](<https://vulners.com/cve/CVE-2022-41040>)5.0Critical \n[CVE-2022-41082](<https://vulners.com/cve/CVE-2022-41082>)5.0Critical\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[5019758](<http://support.microsoft.com/kb/5019758>)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-30T00:00:00", "type": "kaspersky", "title": "KLA19264 Multiple vulnerabilities in Microsoft Exchange Server", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-11-10T00:00:00", "id": "KLA19264", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19264/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-28T17:23:13", "description": "### *Detect date*:\n10/06/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option) \n[Microsoft Edge update settings](<https://support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1>)\n\n### *Original advisories*:\n[CVE-2022-3373](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3373>) \n[CVE-2022-3370](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3370>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *CVE-IDS*:\n[CVE-2022-3373](<https://vulners.com/cve/CVE-2022-3373>)5.0Critical \n[CVE-2022-3370](<https://vulners.com/cve/CVE-2022-3370>)5.0Critical\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-06T00:00:00", "type": "kaspersky", "title": "KLA19999 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3370", "CVE-2022-3373"], "modified": "2023-03-28T00:00:00", "id": "KLA19999", "href": "https://threats.kaspersky.com/en/vulnerability/KLA19999/", "cvss": {"score": 0.0, "vector": "NONE"}}], "talosblog": [{"lastseen": "2022-10-11T22:01:10", "description": "## \n\n\n[](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvXCye060I61J31UBGmMV_5mqpTAh7foLGLne5aFYWIlZxCq7d8e_XxLW4m5G4EkBKWilGIuCD11duEEi2wgeW9F8SYYge1DnORfNaWkMedRFv29r_49ir-uGKu95M0_ovbo_Ppn3_AKlrA4sTtLUxIFV2sqiaH2G2sqQW39peOSAgNqbOetUWnyW4/s1001/recurring%20blog%20images_patch%20tuesday.jpg>)\n\n \n_ \n_\n\n_By Jon Munshaw and Vanja Svajcer._\n\nMicrosoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company\u2019s hardware and software line, including seven critical issues in Windows\u2019 point-to-point tunneling protocol. \n\nOctober's security update features 11 critical vulnerabilities, with the remainder being \u201cimportant.\u201d \n\nOne of the most notable vulnerabilities Microsoft fixed this month is [CVE-2022-41038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41038>), a remote code execution issue in Microsoft SharePoint. There are several other SharePoint vulnerabilities included in this month\u2019s Patch Tuesday, though this seems the most severe, as Microsoft continues it to be \u201cmore likely\u201d to be exploited. \n\nAn attacker must be authenticated to the target site with the correct permissions to use manage lists in SharePoint to exploit this vulnerability, and eventually gain the ability to execute remote code on the SharePoint server. \n\n[CVE-2022-37968](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37968>), an elevation of privilege vulnerability in Azure Arc Connect, has the highest severity score out of all the vulnerabilities Microsoft fixed this month \u2014 a maximum 10 out of 10. Successful exploitation of this vulnerability, which affects the cluster connect feature of Azure Arc-enabled Kubernetes clusters, could allow an unauthenticated user to elevate their privileges as cluster admins and potentially gain control over the Kubernetes cluster. \n\n[CVE-2022-37976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37976>) and [CVE-2022-37979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37979>) are also critical elevation of privilege vulnerabilities in Windows Active Directory and Hyper-V, respectively. \n\nThe Windows\u2019 point-to-point tunneling protocol, which is a network protocol used to create VPN tunnels between public networks, contains eight vulnerabilities that Microsoft disclosed Tuesday, seven of which are rated \u201ccritical\u201d severity: \n\n * [CVE-2022-22035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22035>)\n * [CVE-2022-24504](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24504>) \n * [CVE-2022-30198](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30198>) \n * [CVE-2022-33634](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33634>) \n * [CVE-2022-38000](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38000>) \n * [CVE-2022-38047](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38047>) \n * [CVE-2022-41081](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41081>) \n\nCVE-2022-38000 is the most serious among the group with a severity rating of 9. An attacker could successfully exploit this issue to launch remote code at the remote server. \n\nMicrosoft Office and Word also contain critical remote code execution vulnerabilities. These are usually popular targets for adversaries, as they are one of the most popular pieces of software in the world and can be exploited just by tricking a user into opening a specially crafted document: \n\n * [CVE-2022-38048](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38048>)\n * [CVE-2022-38049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38049>) \n * [CVE-2022-41031](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41031>) \n\nMicrosoft has also included 12 vulnerabilities in Google Chromium, the open-source web browser that is the basis for Microsoft\u2019s Edge browser. Google has already disclosed and fixed these issues, so users do not need to take any additional steps to implement patches: \n\n * [CVE-2022-3304](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3304>) \n * [CVE-2022-3307](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3307>) \n * [CVE-2022-3308](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3308>) \n * [CVE-2022-3310](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3310>) \n * [CVE-2022-3311](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3311>) \n * [CVE-2022-3313](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3313>) \n * [CVE-2022-3315](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3315>) \n * [CVE-2022-3316](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3316>) \n * [CVE-2022-3317](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3317>) \n * [CVE-2022-3370](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3370>) \n * [CVE-2022-3373](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3373>) \n * [CVE-2022-41035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41035>) \n\nA complete list of all the vulnerabilities Microsoft disclosed this month is available on its update page. \n\nIn response to these vulnerability disclosures, Talos is releasing a new Snort rule set that detects attempts to exploit some of them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Cisco Secure Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org. \n\nThe rules included in this release that protect against the exploitation of many of these vulnerabilities are 60693 - 60696, 60698 - 60701, 60706, 60701 - 60705, 60708 and 60709. There are also Snort 3 SIDs 300290 - 300296, 300297 and 300298.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-10-11T18:11:00", "type": "talosblog", "title": "Microsoft Patch Tuesday for October 2022 \u2014 Snort rules and prominent vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-3304", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3313", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-33634", "CVE-2022-3370", "CVE-2022-3373", "CVE-2022-37968", "CVE-2022-37976", "CVE-2022-37979", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-38048", "CVE-2022-38049", "CVE-2022-41031", "CVE-2022-41035", "CVE-2022-41038", "CVE-2022-41081"], "modified": "2022-10-11T20:02:01", "id": "TALOSBLOG:FC6B0635136460B7A28F081107A8712E", "href": "http://blog.talosintelligence.com/2022/10/microsoft-patch-tuesday-for-october.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-03T15:20:29", "description": "\n\nMicrosoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company&#x27;s hardware and software line, including seven critical issues in Windows&#x27; point-to-point tunneling protocol.\n\nOctober&#x27;s security update features 11 critical vulnerabilities, with the remainder being &quot;important.&quot;\n\nOne of the most notable vulnerabilities Microsoft fixed this month is [CVE-2022-41038](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41038>), a remote code execution issue in Microsoft SharePoint. There are several other SharePoint vulnerabilities included in this month&#x27;s Patch Tuesday, though this seems the most severe, as Microsoft continues it to be &quot;more likely&quot; to be exploited.\n\nAn attacker must be authenticated to the target site with the correct permissions to use manage lists in SharePoint to exploit this vulnerability, and eventually gain the ability to execute remote code on the SharePoint server.\n\n[CVE-2022-37968](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37968>), an elevation of privilege vulnerability in Azure Arc Connect, has the highest severity score out of all the vulnerabilities Microsoft fixed this month -- a maximum 10 out of 10. Successful exploitation of this vulnerability, which affects the cluster connect feature of Azure Arc-enabled Kubernetes clusters, could allow an unauthenticated user to elevate their privileges as cluster admins and potentially gain control over the Kubernetes cluster.\n\n[CVE-2022-37976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37976>) and [CVE-2022-37979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37979>) are also critical elevation of privilege vulnerabilities in Windows Active Directory and Hyper-V, respectively.\n\nThe Windows&#x27; point-to-point tunneling protocol, which is a network protocol used to create VPN tunnels between public networks, contains eight vulnerabilities that Microsoft disclosed Tuesday, seven of which are rated &quot;critical&quot; severity:\n\n * [CVE-2022-22035](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22035>)\n * [CVE-2022-24504](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24504>)\n * [CVE-2022-30198](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30198>)\n * [CVE-2022-33634](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33634>)\n * [CVE-2022-38000](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38000>)\n * [CVE-2022-38047](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38047>)\n * [CVE-2022-41081](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41081>)\n\nCVE-2022-38000 is the most serious among the group with a severity rating of 9. An attacker could successfully exploit this issue to launch remote code at the remote server.\n\nMicrosoft Office and Word also contain critical remote code execution vulnerabilities. These are usually popular targets for adversaries, as they are one of the most popular pieces of software in the world and can be exploited just by tricking a user into opening a specially crafted document:\n\n * [CVE-2022-38048](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38048>)\n * [CVE-2022-38049](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41031>)\n * [CVE-2022-41031](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41032>)\n\nMicrosoft has also included 12 vulnerabilities in Google Chromium, the open-source web browser that is the basis for Microsoft&#x27;s Edge browser. Google has already disclosed and fixed these issues, so users do not need to take any additional steps to implement patches:\n\n * CVE-2022-3304\n * CVE-2022-3307\n * CVE-2022-3308\n * CVE-2022-3310\n * CVE-2022-3311\n * CVE-2022-3313\n * CVE-2022-3315\n * CVE-2022-3316\n * CVE-2022-3317\n * CVE-2022-3370\n * CVE-2022-3373\n * CVE-2022-41035\n\nA complete list of all the vulnerabilities Microsoft disclosed this month is available on its update page.\n\nIn response to these vulnerability disclosures, Talos is releasing a new Snort rule set that detects attempts to exploit some of them. Please note that additional rules may be released at a future date and current rules are subject to change pending additional information. Cisco Secure Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.\n\nThe rules included in this release that protect against the exploitation of many of these vulnerabilities are 60693 - 60696, 60698 - 60701, 60706, 60701 - 60705, 60708 and 60709. There are also Snort 3 SIDs 300290 - 300296, 300297 and 300298.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-10-11T18:01:00", "type": "talosblog", "title": "Microsoft Patch Tuesday for October 2022 \u2014 Snort rules and prominent vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-3304", "CVE-2022-3307", "CVE-2022-3308", "CVE-2022-3310", "CVE-2022-3311", "CVE-2022-3313", "CVE-2022-3315", "CVE-2022-3316", "CVE-2022-3317", "CVE-2022-33634", "CVE-2022-3370", "CVE-2022-3373", "CVE-2022-37968", "CVE-2022-37976", "CVE-2022-37979", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-38048", "CVE-2022-38049", "CVE-2022-41031", "CVE-2022-41032", "CVE-2022-41035", "CVE-2022-41038", "CVE-2022-41081"], "modified": "2022-10-11T18:01:00", "id": "TALOSBLOG:C8DF1717F356AEFC758F655905BAF595", "href": "https://blog.talosintelligence.com/microsoft-patch-tuesday-for-october/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-06T19:13:58", "description": "[](<https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLGV0qm1JxU91RjdxVIuHS5qpDp6eR5oqC3GXE4GKh74vcE6eErdX-odGGmldK4seEV08PmWVUMwC9eHiY-MNvEWPJqq7kEe3k9gjAfn0ai-JRQnZ3GdRiAki_wed_Ctz2-MbeTD591fAVRErXhYumK3_GFcUGqEBUmnA_aeVfgK2rZKQ7AW0eYUiY/s2000/threat-source-newsletter.jpg>)\n\n \n\n\n_By Jon Munshaw. _\n\n[](<https://engage2demand.cisco.com/SubscribeTalosThreatSource>)\n\nWelcome to this week\u2019s edition of the Threat Source newsletter. \n\n \n\n\nAs I [wrote about last week](<https://blog.talosintelligence.com/2022/09/threat-source-newsletter-sept-29-2022.html>), I\u2019ve been [diving a lot into apps\u2019 privacy policies](<https://blog.talosintelligence.com/2022/09/our-current-world-health-care-apps-and.html>) recently. And I was recently made aware of a new type of app I never knew existed \u2014 family trackers. \n\n \n\n\nThere are countless mobile apps for parents to track their children or other family members based on their location, phone usage, and even driving speed. As an anxious soon-to-be-parent, this sounds intriguing to me \u2014 it\u2019d be a supped-up version of Find my Friends on Apple devices so I\u2019d never have to ask my teenager (granted, I\u2019m many years away from being at that stage of my life) when they were coming home or where they were. \n\n \n\n\nJust as with all other types of mobile apps, there are pitfalls, though. \n\n \n\n\nLife360, one of the most popular of these types of apps and even tells users what their maximum driving speed was on a given trip, was found in December 2021 to be [selling precise location data](<https://themarkup.org/privacy/2021/12/06/the-popular-family-safety-app-life360-is-selling-precise-location-data-on-its-tens-of-millions-of-user>) on its users, potentially affecting millions of people. Once that precise location data is out there, there is no telling who could eventually get a hold of it. Even if Life360 doesn\u2019t intend to let adversaries see this information, they don\u2019t have direct control over how those third parties handle the information once it\u2019s sold off. \n\n \n\n\nThe [app\u2019s current and updated privacy policy](<https://support.life360.com/hc/en-us/articles/360043228154-Full-Privacy-Policy>) states that it \"may also share location information with our partners, such as Cuebiq and its Partners, for tailored advertising, attribution, analytics, research and other purposes.\u201d However, users do have the ability to opt out of this inside the app. \n\n \n\n\nThere is hardware that offers this same type of tracking. Jealous, angry or paranoid spouses and parents have used [Apple\u2019s AirTags in the past to unknowingly track people](<https://www.npr.org/2022/02/18/1080944193/apple-airtags-theft-stalking-privacy-tech>), eventually to the point that Apple had to [address the issue directly](<https://www.apple.com/newsroom/2022/02/an-update-on-airtag-and-unwanted-tracking/>) and provide several updates to AirTags\u2019 security and precise location alerts to make it easier for users to find potentially unwanted AirTags on their cars or personal belongings. \n\n \n\n\nThis is truthfully just an area of concern I had never considered before. Many parents would do anything for their children\u2019s safety, which is certainly understandable. But just like personal health apps, we need to consider the security trade-offs here, too. As we\u2019ve said before, [no one truly has \u201cnothing to hide,\u201d](<https://beerswithtalos.talosintelligence.com/2033817/11128173-beers-with-talos-ep-124-there-s-no-such-thing-as-i-have-nothing-to-hide>) especially when it comes to minors or vulnerable populations. I\u2019m not saying using any of these apps is inherently wrong, or that AirTags do not have their legitimate purposes. But any time we welcome this software and hardware into our homes and on our devices, it\u2019s worth considering what sacrifices we might be making elsewhere. \n\n \n\n\n \n\n\n## The one big thing \n\n[Microsoft warned last week](<https://blog.talosintelligence.com/2022/09/threat-advisory-exchange-server-vulns.html>) of the exploitation of two recently disclosed vulnerabilities collectively referred to as \"ProxyNotShell,\" affecting Microsoft Exchange Servers 2013, 2016 and 2019. One of these vulnerabilities could allow an attacker to execute remote code on the targeted server. Limited exploitation of these vulnerabilities in the wild has been reported. CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability, while CVE-2022-41082 enables Remote Code Execution (RCE) when PowerShell is accessible to the attackers. \n\n> ### Why do I care? \n> \n> Exchange vulnerabilities have become increasingly popular with threat actors, as they can provide initial access to network environments and are often used to facilitate more effective phishing and malspam campaigns. The Hafnium threat actor exploited several zero-day vulnerabilities in Exchange Server in 2021 to deliver ransomware, and Cisco Talos Incident Response reported that the exploitation of Exchange Server issues was one of the four attacks they saw most often last year. \n> \n> ### So now what?\n\n> While no fixes or patches are available yet, Microsoft has [provided mitigations](<https://www.darkreading.com/remote-workforce/microsoft-updates-mitigation-for-exchange-server-zero-days>) for on-premises Microsoft Exchange users on Sept. 29, 2022. Even organizations that use Exchange Online may still be affected if they run a hybrid server. While Microsoft continues to update their mitigations, some security researchers [posit they can be bypassed](<https://twitter.com/GossiTheDog/status/1575813395835547651>). Talos has released several Snort rules to detect the exploitation of these vulnerabilities and associate malware families used in these attacks. \n\n> \n\n## Top security headlines from the week\n\n \n\n\nMore than 2 million Australians\u2019 personal information is at risk after a data breach at telecommunications giant Optus. More than 1.2 million customers have had at least one ID number from a current and valid form of identification, along with other personal data, according to an update from the company\u2019s CEO. Adding to the confusion, the company told many residents in New South Wales that it would need to replace their driver\u2019s license, only to later backtrack to say that would not be the case for everyone affected. Optus says it enlisted a third party to complete a thorough review of the compromise to identify security gaps and any other potential fallout. ([ABC News](<https://www.abc.net.au/news/2022-10-03/optus-data-breach-cyber-attack-deloitte-review-audit/101496190>), [Nine News](<https://www.9news.com.au/national/optus-data-breach-update-more-than-two-million-customer-identity-details-exposed/b92b17d9-fc77-430b-94ca-21def7fea61d>)) \n\nThe Vice Society ransomware group leaked more than 500 GB worth of data on employees and students at the unified Los Angeles School District after the district refused to pay a requested extortion payment after a ransomware attack several weeks ago. Officials said the leak was less extensive than originally expected and limited to attendance and academic records from 2013 - 2016. The district declined to pay the ransom because there was no guarantee that the actors would not leak the information anyway. Threat actors have commonly targeted the education sector with ransomware attacks as the school year started and their networks were particularly vulnerable. ([Axios](<https://www.axios.com/2022/10/03/hackers-stolen-data-la-school-district-ransomware>), [Los Angeles Times](<https://www.latimes.com/california/story/2022-10-03/hackers-cyberattack-los-angeles-unified-school-district-hotline-parents-staff-vice-society>)) \n\nThe infamous Lazarus Group threat actor continues to ramp up its activity, recently exploiting open-source software and Dell hardware to target companies all over the globe. A recent report from Microsoft found that the group was impersonating contributors to open-source projects and injecting malicious updates for that software to users. In a separate campaign, the APT also used an exploit in a Dell firmware driver to deliver a Windows rootkit targeting an aerospace company and high-profile journalist in Belgium. Lazarus Group is known for operating with North Korean state interests, often stealing cryptocurrency or finding other ways to earn money. ([Bleeping Computer](<https://www.bleepingcomputer.com/news/security/microsoft-lazarus-hackers-are-weaponizing-open-source-software/>), [Security Affairs](<https://securityaffairs.co/wordpress/136623/apt/lazarus-exploit-dell-firmware-driver.html>)) \n\n \n\n\n## Can\u2019t get enough Talos? \n\n * * _[Developer account body snatchers pose risks to the software supply chain](<https://blog.talosintelligence.com/2022/10/developer-account-body-snatchers-pose.html>)_\n * _[Researcher Spotlight: Globetrotting with Yuri Kramarz](<https://blog.talosintelligence.com/2022/10/researcher-spotlight-globetrotting-with.html>)_\n * _[Threat Roundup for Sept. 23 - 30](<https://blog.talosintelligence.com/2022/09/threat-roundup-0923-0930.html>)_\n * _[Talos Takes Ep. #115: An \"insider threat\" doesn't always have to know they're a threat](<https://www.buzzsprout.com/2018149/episodes/11413990>)_\n * _[Cobalt Strike malware campaign targets job seekers](<https://www.techtarget.com/searchsecurity/news/252525560/Cobalt-Strike-malware-campaign-targets-job-seekers>)_\n * _[Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads](<https://www.infosecurity-magazine.com/news/government-union-lures-used-cobalt/>)_\n \n\n\n## Upcoming events where you can find Talos \n\n \n\n\n**_[Cisco Security Solution Expert Sessions](<https://web.cvent.com/event/f150cd18-061b-4c25-b617-044c50cac855/summary>)_ (Oct. 11 &amp; 13)**\n\nVirtual \n\n \n\n\n**_[GovWare 2022](<https://www.govware.sg/govware/2022/event-info>)_ (Oct. 18 - 20)**\n\nSands Expo &amp; Convention Centre, Singapore \n\n \n\n\n**_[Conference On Applied Machine Learning For Information Security](<https://www.camlis.org/>) _**** (Oct. 20 - 21)**\n\nSands Capital Management, Arlington, Virginia \n\n \n\n\n## Most prevalent malware files from Talos telemetry over the past week \n\n** \n**\n\n**SHA 256: **[c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0](<https://www.virustotal.com/gui/file/c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0/details>) \n\n**MD5: **8c69830a50fb85d8a794fa46643493b2 \n\n**Typical Filename: **AAct.exe \n\n**Claimed Product: **N/A \n\n**Detection Name: **PUA.Win.Dropper.Generic::1201 \n\n** \n**\n\n**SHA 256: **[e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934](<https://www.virustotal.com/gui/file/e4973db44081591e9bff5117946defbef6041397e56164f485cf8ec57b1d8934/details>)** \n****MD5: **93fefc3e88ffb78abb36365fa5cf857c ** \n****Typical Filename: **Wextract \n**Claimed Product: **Internet Explorer \n**Detection Name: **PUA.Win.Trojan.Generic::85.lp.ret.sbx.tg \n\n \n\n\n**SHA 256: **[58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681](<https://www.virustotal.com/gui/file/58d6fec4ba24c32d38c9a0c7c39df3cb0e91f500b323e841121d703c7b718681/details>) \n\n**MD5: **f1fe671bcefd4630e5ed8b87c9283534 \n\n**Typical Filename: **KMSAuto Net.exe \n\n**Claimed Product: **KMSAuto Net \n\n**Detection Name: **PUA.Win.Tool.Hackkms::1201 \n\n** \n**\n\n**SHA 256: **[e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c](<https://www.virustotal.com/gui/file/e12b6641d7e7e4da97a0ff8e1a0d4840c882569d47b8fab8fb187ac2b475636c/details>)** **\n\n**MD5: **a087b2e6ec57b08c0d0750c60f96a74c\n\n**Typical Filename: **AAct.exe** **\n\n**Claimed Product: **N/A \n\n**Detection Name: **PUA.Win.Tool.Kmsauto::1201 \n\n** \n**\n\n**SHA 256: **[63d543945e33b4b6088dc34d0550213dc73ea6acce248d8353c63039e8fa284f](<https://www.virustotal.com/gui/file/63d543945e33b4b6088dc34d0550213dc73ea6acce248d8353c63039e8fa284f/details>) \n\n**MD5: **a779d230c944ef200bce074407d2b8ff \n\n**Typical Filename: **mediaget.exe** **\n\n**Claimed Product: **MediaGet \n\n**Detection Name: **W32.File.MalParent", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-06T18:00:00", "type": "talosblog", "title": "Threat Source newsletter (Oct. 6, 2022) \u2014 Continuing down the Privacy Policy rabbit hole", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-06T18:00:00", "id": "TALOSBLOG:12103F398364269083FD96139F0F6562", "href": "http://blog.talosintelligence.com/2022/10/threat-source-newsletter-oct-6-2022.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-28T20:49:32", "description": "\n\nAs I [wrote about last week](<https://blog.talosintelligence.com/2022/09/threat-source-newsletter-sept-29-2022.html>), I&#x27;ve been [diving a lot into apps&#x27; privacy policies recently](<https://blog.talosintelligence.com/2022/09/our-current-world-health-care-apps-and.html>). And I was recently made aware of a new type of app I never knew existed -- family trackers.\n\nThere are countless mobile apps for parents to track their children or other family members based on their location, phone usage, and even driving speed. As an anxious soon-to-be-parent, this sounds intriguing to me -- it&#x27;d be a supped-up version of Find my Friends on Apple devices so I&#x27;d never have to ask my teenager (granted, I&#x27;m many years away from being at that stage of my life) when they were coming home or where they were.\n\nJust as with all other types of mobile apps, there are pitfalls, though.\n\nLife360, one of the most popular of these types of apps and even tells users what their maximum driving speed was on a given trip, was found in December 2021 to be [selling precise location data on its users](<https://themarkup.org/privacy/2021/12/06/the-popular-family-safety-app-life360-is-selling-precise-location-data-on-its-tens-of-millions-of-user>), potentially affecting millions of people. Once that precise location data is out there, there is no telling who could eventually get a hold of it. Even if Life360 doesn&#x27;t intend to let adversaries see this information, they don&#x27;t have direct control over how those third parties handle the information once it&#x27;s sold off.\n\nThe [app&#x27;s current and updated privacy policy](<https://support.life360.com/hc/en-us/articles/360043228154-Full-Privacy-Policy>) states that it \"may also share location information with our partners, such as Cuebiq and its Partners, for tailored advertising, attribution, analytics, research and other purposes,&quot; though users do have the ability to opt out of this inside the app.\n\nThere is hardware that offers this same type of tracking. Jealous, angry or paranoid spouses and parents have [used Apple&#x27;s AirTags in the past to unknowingly track people](<https://www.npr.org/2022/02/18/1080944193/apple-airtags-theft-stalking-privacy-tech>), eventually to the point that Apple had to [address the issue directly](<https://www.apple.com/newsroom/2022/02/an-update-on-airtag-and-unwanted-tracking/>) and provide several updates to AirTags&#x27; security and precise location alerts to make it easier for users to find potentially unwanted AirTags on their cars or personal belongings.\n\nThis is truthfully just an area of concern I had never considered before. Many parents would do anything for their children&#x27;s safety, which is certainly understandable. But just like personal health apps, we need to consider the security trade-offs here, too. As we&#x27;ve said before, [no one truly has &quot;nothing to hide,&quot;](<https://beerswithtalos.talosintelligence.com/2033817/11128173-beers-with-talos-ep-124-there-s-no-such-thing-as-i-have-nothing-to-hide>) especially when it comes to minors or vulnerable populations. I&#x27;m not saying using any of these apps is inherently wrong, or that AirTags do not have their legitimate purposes. But any time we welcome this software and hardware into our homes and on our devices, it&#x27;s worth considering what sacrifices we might be making elsewhere. \n\n\n## The one big thing\n\n[Microsoft warned last week](<https://blog.talosintelligence.com/2022/09/threat-advisory-exchange-server-vulns.html>) of the exploitation of two recently disclosed vulnerabilities collectively referred to as \"ProxyNotShell,\" affecting Microsoft Exchange Servers 2013, 2016 and 2019. One of these vulnerabilities could allow an attacker to execute remote code on the targeted server. Limited exploitation of these vulnerabilities in the wild has been reported. CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability, while CVE-2022-41082 enables Remote Code Execution (RCE) when PowerShell is accessible to the attackers.\n\n## Top security headlines from the week \n\n\nMore than 2 million Australians&#x27; personal information is at risk after a data breach at telecommunications giant Optus. More than 1.2 million customers have had at least one ID number from a current and valid form of identification, along with other personal data, according to an update from the company&#x27;s CEO. Adding to the confusion, the company told many residents in New South Wales that it would need to replace their driver&#x27;s license, only to later backtrack to say that would not be the case for everyone affected. Optus says it enlisted a third party to complete a thorough review of the compromise to identify security gaps and any other potential fallout. ([ABC News](<https://www.abc.net.au/news/2022-10-03/optus-data-breach-cyber-attack-deloitte-review-audit/101496190>), [Nine News](<https://www.9news.com.au/national/optus-data-breach-update-more-than-two-million-customer-identity-details-exposed/b92b17d9-fc77-430b-94ca-21def7fea61d>))\n\nThe Vice Society ransomware group leaked more than 500 GB worth of data on employees and students at the unified Los Angeles School District after the district refused to pay a requested extortion payment after a ransomware attack several weeks ago. Officials said the leak was less extensive than originally expected and limited to attendance and academic records from 2013 - 2016. The district declined to pay the ransom because there was no guarantee that the actors would not leak the information anyway. Threat actors have commonly targeted the education sector with ransomware attacks as the school year started and their networks were particularly vulnerable. ([Axios](<https://www.axios.com/2022/10/03/hackers-stolen-data-la-school-district-ransomware>), [Los Angeles Times](<https://www.latimes.com/california/story/2022-10-03/hackers-cyberattack-los-angeles-unified-school-district-hotline-parents-staff-vice-society>))\n\nThe infamous Lazarus Group threat actor continues to ramp up its activity, recently exploiting open-source software and Dell hardware to target companies all over the globe. A recent report from Microsoft found that the group was impersonating contributors to open-source projects and injecting malicious updates for that software to users. In a separate campaign, the APT also used an exploit in a Dell firmware driver to deliver a Windows rootkit targeting an aerospace company and high-profile journalist in Belgium. Lazarus Group is known for operating with North Korean state interests, often stealing cryptocurrency or finding other ways to earn money. ([Bleeping Computer](<https://www.bleepingcomputer.com/news/security/microsoft-lazarus-hackers-are-weaponizing-open-source-software/>), [Security Affairs](<https://securityaffairs.co/wordpress/136623/apt/lazarus-exploit-dell-firmware-driver.html>))\n\n## Can&#x27;t get enough Talos?\n\n * [Developer account body snatchers pose risks to the software supply chain](<https://blog.talosintelligence.com/2022/10/developer-account-body-snatchers-pose.html>)\n * [Researcher Spotlight: Globetrotting with Yuri Kramarz](<https://blog.talosintelligence.com/2022/10/researcher-spotlight-globetrotting-with.html>)\n * [Threat Roundup for Sept. 23 - 30](<https://blog.talosintelligence.com/2022/09/threat-roundup-0923-0930.html>)\n * [Talos Takes Ep. #115: An \"insider threat\" ](<https://www.buzzsprout.com/2018149/episodes/11413990>)doesn't always have to know they're a threat\n * [Cobalt Strike malware campaign targets job seekers](<https://www.techtarget.com/searchsecurity/news/252525560/Cobalt-Strike-malware-campaign-targets-job-seekers>)\n * [Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads](<https://www.infosecurity-magazine.com/news/government-union-lures-used-cobalt/>) \n\n\n## Upcoming events where you can find Talos \n\n\n[_**Cisco Security Solution Expert Sessions**_](<https://www.blogger.com/u/1/blog/post/edit/1029833275466591797/5980034587248183130#>)** (Oct. 11 &amp; 13)** \nVirtual \n\n \n[_**GovWare 2022**_](<https://www.blogger.com/u/1/blog/post/edit/1029833275466591797/5980034587248183130#>)** (Oct. 18 - 20)** \nSands Expo &amp; Convention Centre, Singapore \n\n \n[_**Conference On Applied Machine Learning For Information Security**_](<https://www.blogger.com/u/1/blog/post/edit/1029833275466591797/5980034587248183130#>)_** **_**(Oct. 20 - 21)** \nSands Capital Management, Arlington, Virginia", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-06T18:00:00", "type": "talosblog", "title": "Threat Source newsletter (Oct. 6, 2022) \u2014 Continuing down the Privacy Policy rabbit hole", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-06T18:00:00", "id": "TALOSBLOG:FB5080C7655BA3C4C2856F34457CBCD0", "href": "https://blog.talosintelligence.com/threat-source-newsletter-oct-6-2022-continuing-down-the-privacy-policy-rabbit-hole/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-26T20:06:00", "description": "\n\nCisco Talos has released new coverage to detect and prevent the exploitation of two recently [disclosed](<https://www.microsoft.com/en-us/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/>) vulnerabilities collectively referred to as &quot;ProxyNotShell,&quot; affecting Microsoft Exchange Servers 2013, 2016 and 2019. One of these vulnerabilities could allow an attacker to execute remote code on the targeted server. Limited exploitation of these vulnerabilities in the wild has been reported. [CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>) is a Server Side Request Forgery (SSRF) vulnerability, while [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>) enables Remote Code Execution (RCE) when PowerShell is accessible to the attackers. \n \nWhile no fixes or patches are available yet, Microsoft has [provided mitigations](<https://www.microsoft.com/en-us/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/>) for on-premises Microsoft Exchange users on Sept. 29, 2022. Even organizations that use Exchange Online may still be affected if they run a hybrid server. Cisco Talos is closely monitoring the recent reports of exploitation attempts against these vulnerabilities and strongly recommends users implement mitigation steps while waiting for security patches for these vulnerabilities. Exchange vulnerabilities have become increasingly popular with threat actors, as they can provide initial access to network environments and are often used to facilitate more effective phishing and malspam campaigns. The [Hafnium threat actor](<https://blog.talosintelligence.com/hafnium-update/>) exploited several zero-day vulnerabilities in Exchange Server in 2021 to deliver ransomware, and Cisco Talos Incident Response reported that the exploitation of Exchange Server issues was [one of the four attacks they saw most often](<https://www.techtarget.com/searchsecurity/news/252502308/Cisco-Talos-Exchange-Server-flaws-accounted-for-35-of-attacks>) last year.\n\n## Vulnerability details and ongoing exploitation\n\n \nExploit requests for these vulnerabilities look similar to previously discovered ProxyShell exploitation attempts: \n \nautodiscover/autodiscover.json?@evil.com/&lt;Exchange-backend-endpoint&gt;&amp;Email=autodiscover/autodiscover.json%3f@evil.com \n \nSuccessful exploitation of the vulnerabilities observed in the wild leads to preliminary information-gathering operations and the persistence of WebShells for continued access to compromised servers. Open-source reporting indicates that webShells such as Antsword, a popular Chinese language-based open-source webshell, [SharPyShell](<https://github.com/antonioCoco/SharPyShell>) an ASP.NET-based webshell and [China Chopper](<https://blog.talosintelligence.com/china-chopper-still-active-9-years-later/>) have been deployed on compromised systems consisting of the following artifacts:\n\n * C:\\inetpub\\wwwroot\\aspnet_client\\Xml.ashx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\errorEE.aspx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\pxh4HG1v.ashx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\RedirSuiteServiceProxy.aspx\n\n \n \nThis activity is consistent with what is typically observed when attackers begin leveraging vulnerabilities in unpatched or vulnerable systems exposed to the internet. \n \nInitial reporting observed the download and deployment of additional malicious artifacts and implants on the infected systems using cert util, however, these TTPs may change as more threat actors start exploiting the vulnerabilities followed by their own set of post-exploitation activities.\n\n## Coverage\n\n \nWays our customers can detect and block this threat are listed below.\n\n\n\n \n[Cisco Secure Endpoint](<https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html>) (formerly AMP for Endpoints) is ideally suited to prevent the execution of the malware detailed in this post. Try Secure Endpoint for free [here.](<https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/free-trial.html?utm_medium=web-referral?utm_source=cisco&utm_campaign=amp-free-trial&utm_term=pgm-talos-trial&utm_content=amp-free-trial>) \n \n[Cisco Secure Web Appliance](<https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html>) web scanning prevents access to malicious websites and detects malware used in these attacks. \n \n[Cisco Secure Email](<https://www.cisco.com/c/en/us/products/security/email-security/index.html>) (formerly Cisco Email Security) can block malicious emails sent by threat actors as part of their campaign. You can try Secure Email for free [here](<https://www.cisco.com/c/en/us/products/security/cloud-mailbox-defense?utm_medium=web-referral&utm_source=cisco&utm_campaign=cmd-free-trial-request&utm_term=pgm-talos-trial>). \n \n[Cisco Secure Firewall](<https://www.cisco.com/c/en/us/products/security/firewalls/index.html>) (formerly Next-Generation Firewall and Firepower NGFW) appliances such as [Threat Defense Virtual](<https://www.cisco.com/c/en/us/products/collateral/security/firepower-ngfw-virtual/datasheet-c78-742858.html>), [Adaptive Security Appliance](<https://www.cisco.com/c/en/us/products/security/adaptive-security-appliance-asa-software/index.html>) and [Meraki MX](<https://meraki.cisco.com/products/appliances>) can detect malicious activity associated with this threat. \n \n[Cisco Secure Malware Analytics](<https://www.cisco.com/c/en/us/products/security/threat-grid/index.html>) (Threat Grid) identifies malicious binaries and builds protection into all Cisco Secure products. \n \n[Umbrella](<https://umbrella.cisco.com/>), Cisco&#x27;s secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs and URLs, whether users are on or off the corporate network. Sign up for a free trial of Umbrella [here](<https://signup.umbrella.com/?utm_medium=web-referral?utm_source=cisco&utm_campaign=umbrella-free-trial&utm_term=pgm-talos-trial&utm_content=automated-free-trial>). \n \n[Cisco Secure Web Appliance](<https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html>) (formerly Web Security Appliance) automatically blocks potentially dangerous sites and tests suspicious sites before users access them. \n \nAdditional protections with context to your specific environment and threat data are available from the [Firewall Management Center](<https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html>). \n \n[Cisco Duo](<https://signup.duo.com/?utm_source=talos&utm_medium=referral&utm_campaign=duo-free-trial>) provides multi-factor authentication for users to ensure only those authorized are accessing your network. \n \nCisco Talos is releasing SID **60642 **to protect against CVE-2022-41040. \n \nIn addition we are releasing SIDs **60637-60641 **to protect against malicious activity observed during exploitation of CVE-2022-41082. \n \nThe existing SIDs **27966-27968, 28323, 37245, and 42834-42838 **provide additional protection for the malicious activity observed during exploitation of CVE-2022-41082. \n \nThe following ClamAV signatures have been released to detect malware artifacts related to this threat:\n\n * Asp.Backdoor.AntSword-9972727-1\n * Asp.Backdoor.Awen-9972728-0\n * Asp.Backdoor.AntSword-9972729-0\n\n## IOCs\n\n### IPs and URLs\n\n125[.]212[.]220[.]48 \n5[.]180[.]61[.]17 \n47[.]242[.]39[.]92 \n61[.]244[.]94[.]85 \n86[.]48[.]6[.]69 \n86[.]48[.]12[.]64 \n94[.]140[.]8[.]48 \n94[.]140[.]8[.]113 \n103[.]9[.]76[.]208 \n103[.]9[.]76[.]211 \n104[.]244[.]79[.]6 \n112[.]118[.]48[.]186 \n122[.]155[.]174[.]188 \n125[.]212[.]241[.]134 \n185[.]220[.]101[.]182 \n194[.]150[.]167[.]88 \n212[.]119[.]34[.]11 \n137[.]184[.]67[.]33 \n206[.]188[.]196[.]77 \nhxxp://206[.]188[.]196[.]77:8080/themes.aspx", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-30T21:16:00", "type": "talosblog", "title": "Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-09-30T21:16:00", "id": "TALOSBLOG:A52D0C18F59637804E33FC802E4F7F00", "href": "https://blog.talosintelligence.com/threat-advisory-microsoft-warns-of-actively-exploited-vulnerabilities-in-exchange-server/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-04T06:04:38", "description": "## \n\n \nCisco Talos has released new coverage to detect and prevent the exploitation of two recently [disclosed](<https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html>) vulnerabilities collectively referred to as \"ProxyNotShell,\" affecting Microsoft Exchange Servers 2013, 2016 and 2019. One of these vulnerabilities could allow an attacker to execute remote code on the targeted server. Limited exploitation of these vulnerabilities in the wild has been reported. [CVE-2022-41040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name%3D2022-41040>) is a Server Side Request Forgery (SSRF) vulnerability, while [CVE-2022-41082](<https://cve.mitre.org/cgi-bin/cvename.cgi?name%3DCVE-2022-41082>) enables Remote Code Execution (RCE) when PowerShell is accessible to the attackers. \n \nWhile no fixes or patches are available yet, Microsoft has [provided mitigations](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) for on-premises Microsoft Exchange users on Sept. 29, 2022. Even organizations that use Exchange Online may still be affected if they run a hybrid server. Cisco Talos is closely monitoring the recent reports of exploitation attempts against these vulnerabilities and strongly recommends users implement mitigation steps while waiting for security patches for these vulnerabilities. Exchange vulnerabilities have become increasingly popular with threat actors, as they can provide initial access to network environments and are often used to facilitate more effective phishing and malspam campaigns. The [Hafnium threat actor](<https://blog.talosintelligence.com/2021/03/hafnium-update.html>) exploited several zero-day vulnerabilities in Exchange Server in 2021 to deliver ransomware, and Cisco Talos Incident Response reported that the exploitation of Exchange Server issues was [one of the four attacks they saw most often](<https://blog.talosintelligence.com/2022/01/talos-incident-response-year-in-review.html>) last year. \n \n \n\n\n## Vulnerability details and ongoing exploitation\n\n \nExploit requests for these [vulnerabilities](<https://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html>) look similar to previously discovered ProxyShell exploitation attempts: \n \nautodiscover/autodiscover.json?@evil.com/&lt;Exchange-backend-endpoint&gt;&amp;Email=autodiscover/autodiscover.json%3f@evil.com \n \nSuccessful exploitation of the vulnerabilities observed in the wild leads to preliminary information-gathering operations and the persistence of WebShells for continued access to compromised servers. [Open-source reporting](<https://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html>) indicates that webShells such as Antsword, a popular Chinese language-based open-source webshell, [SharPyShell](<https://github.com/antonioCoco/SharPyShell>) an ASP.NET-based webshell and [China Chopper](<https://blog.talosintelligence.com/2019/08/china-chopper-still-active-9-years-later.html>) have been deployed on compromised systems consisting of the following artifacts: \n \n\n\n * C:\\inetpub\\wwwroot\\aspnet_client\\Xml.ashx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\errorEE.aspx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\pxh4HG1v.ashx\n * C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth\\RedirSuiteServiceProxy.aspx\n \n \nThis activity is consistent with what is typically observed when attackers begin leveraging vulnerabilities in unpatched or vulnerable systems exposed to the internet. \n \nInitial reporting observed the download and deployment of additional malicious artifacts and implants on the infected systems using certutil, however these TTPs may change as more threat actors start exploiting the vulnerabilities followed by their own set of post-exploitation activities. \n \n\n\n## Coverage\n\n \n\n\nWays our customers can detect and block this threat are listed below. \n \n\n\n\n\n \n \n[Cisco Secure Endpoint](<https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html>) (formerly AMP for Endpoints) is ideally suited to prevent the execution of the malware detailed in this post. Try Secure Endpoint for free [here.](<https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/free-trial.html?utm_medium%3Dweb-referral?utm_source%3Dcisco%26utm_campaign%3Damp-free-trial%26utm_term%3Dpgm-talos-trial%26utm_content%3Damp-free-trial>) \n \n[Cisco Secure Web Appliance](<https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html>) web scanning prevents access to malicious websites and detects malware used in these attacks. \n \n[Cisco Secure Email](<https://www.cisco.com/c/en/us/products/security/email-security/index.html>) (formerly Cisco Email Security) can block malicious emails sent by threat actors as part of their campaign. You can try Secure Email for free [here](<https://www.cisco.com/c/en/us/products/security/cloud-mailbox-defense?utm_medium%3Dweb-referral%26utm_source%3Dcisco%26utm_campaign%3Dcmd-free-trial-request%26utm_term%3Dpgm-talos-trial>). \n \n[Cisco Secure Firewall](<https://www.cisco.com/c/en/us/products/security/firewalls/index.html>) (formerly Next-Generation Firewall and Firepower NGFW) appliances such as [Threat Defense Virtual](<https://www.cisco.com/c/en/us/products/collateral/security/firepower-ngfw-virtual/datasheet-c78-742858.html>), [Adaptive Security Appliance](<https://www.cisco.com/c/en/us/products/security/adaptive-security-appliance-asa-software/index.html>) and [Meraki MX](<https://meraki.cisco.com/products/appliances>) can detect malicious activity associated with this threat. \n \n[Cisco Secure Malware Analytics](<https://www.cisco.com/c/en/us/products/security/threat-grid/index.html>) (Threat Grid) identifies malicious binaries and builds protection into all Cisco Secure products. \n \n[Umbrella](<https://umbrella.cisco.com/>), Cisco's secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs and URLs, whether users are on or off the corporate network. Sign up for a free trial of Umbrella [here](<https://signup.umbrella.com/?utm_medium%3Dweb-referral?utm_source%3Dcisco%26utm_campaign%3Dumbrella-free-trial%26utm_term%3Dpgm-talos-trial%26utm_content%3Dautomated-free-trial>). \n \n[Cisco Secure Web Appliance](<https://www.cisco.com/c/en/us/products/security/web-security-appliance/index.html>) (formerly Web Security Appliance) automatically blocks potentially dangerous sites and tests suspicious sites before users access them. \n \nAdditional protections with context to your specific environment and threat data are available from the [Firewall Management Center](<https://www.cisco.com/c/en/us/products/security/firepower-management-center/index.html>). \n \nOpen-source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on [Snort.org](<https://www.snort.org/products>). \n \nCisco Talos is releasing SID **60642 **to protect against CVE-2022-41040. \n \nIn addition we are releasing SIDs **60637-60641** to protect against malicious activity observed during exploitation of CVE-2022-41082. \n \nThe existing SIDs **27966-27968, 28323, 37245, and 42834-42838** provide additional protection for the malicious activity observed during exploitation of CVE-2022-41082. \n \nThe following ClamAV signatures have been released to detect malware artifacts related to this threat: \n \n\n\n * Asp.Backdoor.AntSword-9972727-1\n * Asp.Backdoor.Awen-9972728-0\n * Asp.Backdoor.AntSword-9972729-0\n \n \n\n\n## IOCs\n\n### IPs and URLs\n\n125[.]212[.]220[.]48 \n5[.]180[.]61[.]17 \n47[.]242[.]39[.]92 \n61[.]244[.]94[.]85 \n86[.]48[.]6[.]69 \n86[.]48[.]12[.]64 \n94[.]140[.]8[.]48 \n94[.]140[.]8[.]113 \n103[.]9[.]76[.]208 \n103[.]9[.]76[.]211 \n104[.]244[.]79[.]6 \n112[.]118[.]48[.]186 \n122[.]155[.]174[.]188 \n125[.]212[.]241[.]134 \n185[.]220[.]101[.]182 \n194[.]150[.]167[.]88 \n212[.]119[.]34[.]11 \n137[.]184[.]67[.]33 \n206[.]188[.]196[.]77 \nhxxp://206[.]188[.]196[.]77:8080/themes.aspx", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-30T21:16:00", "type": "talosblog", "title": "Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-03T13:40:20", "id": "TALOSBLOG:A0B0983119E043D75EA7712A7172A942", "href": "http://blog.talosintelligence.com/2022/09/threat-advisory-exchange-server-vulns.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "thn": [{"lastseen": "2022-10-12T08:05:16", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjB9Dk9_CtwU0e7o73L8Ctcukw86W5iQ5ovoTM1kBO_tiERjq84jxpKHzqShkuM1aMl6Au7sULjY1iTAtzw5NrUSjNj_xsk0dB6JJO3CT8wIaRAnfzA86ZECd4CWN2tjWREiW3roAj-De9vCeIbdpMQGtJC0njmkr2-6-1DXvcz3yDBVBEmQ25saSok/s728-e100/windows.jpg>)\n\nMicrosoft's Patch Tuesday update for the month of October has addressed a total of [85 security vulnerabilities](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct>), including fixes for an actively exploited zero-day flaw in the wild.\n\nOf the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update, however, does not include mitigations for the [actively exploited](<https://unit42.paloaltonetworks.com/proxynotshell-cve-2022-41040-cve-2022-41082/>) [ProxyNotShell](<https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html>) flaws in [Exchange Server](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-october-2022-exchange-server-security-updates/ba-p/3646263>).\n\nThe [patches](<https://www.rapid7.com/blog/post/2022/10/11/patch-tuesday-october-2022/>) come alongside [updates to resolve 12 other flaws](<https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security>) in the Chromium-based Edge browser that have been released since the beginning of the month.\n\nTopping the list of this month's patches is [CVE-2022-41033](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41033>) (CVSS score: 7.8), a privilege escalation vulnerability in Windows COM+ Event System Service. An anonymous researcher has been credited with reporting the issue.\n\n\"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,\" the company said in an advisory, cautioning that the shortcoming is being actively weaponized in real-world attacks.\n\nThe nature of the flaw also means that the issue is likely chained with other flaws to escalate privilege and carry out malicious actions on the infected host.\n\n\"This specific vulnerability is a local privilege escalation, which means that an attacker would already need to have code execution on a host to use this exploit,\" Kev Breen, director of cyber threat research at Immersive Labs, said.\n\nThree other elevation of privilege vulnerabilities of note relate to Windows Hyper-V ([CVE-2022-37979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37979>), CVSS score: 7.8), Active Directory Certificate Services ([CVE-2022-37976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37976>), CVSS score: 8.8), and Azure Arc-enabled Kubernetes cluster Connect ([CVE-2022-37968](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37968>), CVSS score: 10.0).\n\nDespite the \"Exploitation Less Likely\" tag for CVE-2022-37968, Microsoft noted that a successful exploitation of the flaw could permit an \"unauthenticated user to elevate their privileges as cluster admins and potentially gain control over the Kubernetes cluster.\"\n\nElsewhere, [CVE-2022-41043](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41043>) (CVSS score: 3.3) \u2013 an information disclosure vulnerability in Microsoft Office \u2013 is listed as publicly known at the time of release. It could be exploited to leak user tokens and other potentially sensitive information, Microsoft said.\n\nAlso fixed by Redmond are eight privilege escalation flaws in Windows Kernel, 11 remote code execution bugs in Windows Point-to-Point Tunneling Protocol and SharePoint Server, and yet another elevation of privilege vulnerability in the Print Spooler module ([CVE-2022-38028](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028>), CVSS score: 7.8).\n\nLastly, the Patch Tuesday update further addresses two more privilege escalation flaws in Windows Workstation Service ([CVE-2022-38034](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38034>), CVSS score: 4.3) and Server Service Remote Protocol ([CVE-2022-38045](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38045>), CVSS score: 8.8).\n\nWeb security company Akamai, which discovered the two shortcomings, [said](<https://www.akamai.com/blog/security-research/cold-hard-cache-bypassing-rpc-with-cache-abuse>) they \"take advantage of a design flaw that allows the bypass of [Microsoft [Remote Procedure Call](<https://learn.microsoft.com/en-us/windows/win32/rpc/rpc-start-page>)] security [callbacks](<https://learn.microsoft.com/en-us/windows/win32/rpc/callbacks>) through caching.\"\n\n### Software Patches from Other Vendors\n\nIn addition to Microsoft, security updates have also been released by several vendors to rectify dozens of vulnerabilities, including \u2014\n\n * [Adobe](<https://helpx.adobe.com/security/security-bulletin.html>)\n * [Android](<https://source.android.com/security/bulletin/2022-10-01>)\n * [Apache Projects](<https://news.apache.org/foundation/entry/the-apache-news-round-up276>)\n * [Apple](<https://support.apple.com/en-us/HT213480>)\n * [Cisco](<https://tools.cisco.com/security/center/publicationListing.x>)\n * [Citrix](<https://support.citrix.com/search/#/All%20Products?ct=Software%20Updates,Security%20Bulletins&searchText=&sortBy=Modified%20date&pageIndex=1>)\n * [CODESYS](<https://www.codesys.com/security/security-reports.html>)\n * [Dell](<https://www.dell.com/support/security/>)\n * [F5](<https://support.f5.com/csp/new-updated-articles>)\n * [Fortinet](<https://www.fortiguard.com/psirt?date=10-2022>) (including an [actively exploited flaw](<https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html>))\n * [GitLab](<https://about.gitlab.com/releases/2022/10/03/gitlab-15-4-2-released/>)\n * [Google Chrome](<https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_11.html>)\n * [IBM](<https://www.ibm.com/blogs/psirt/>)\n * [Lenovo](<https://support.lenovo.com/us/en/product_security/ps500001-lenovo-product-security-advisories>)\n * Linux distributions [Debian](<https://www.debian.org/security/2022/>), [Oracle Linux](<https://linux.oracle.com/ords/f?p=105:21::::RP::>), [Red Hat](<https://access.redhat.com/security/security-updates/#/security-advisories?q=&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory&documentKind=PortalProduct>), [SUSE](<https://www.suse.com/support/update/>), and [Ubuntu](<https://ubuntu.com/security/notices>)\n * [MediaTek](<https://corp.mediatek.com/product-security-bulletin/October-2022>)\n * [NVIDIA](<https://www.nvidia.com/en-us/security/>)\n * [Qualcomm](<https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2022-bulletin.html>)\n * [Samba](<https://www.samba.org/samba/history/>)\n * [SAP](<https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10>)\n * [Schneider Electric](<https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp>)\n * [Siemens](<https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications>)\n * [Trend Micro](<https://success.trendmicro.com/dcx/s/vulnerability-response?language=en_US>), and\n * [VMware](<https://www.vmware.com/security/advisories.html>)\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-10-12T07:07:00", "type": "thn", "title": "Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-37968", "CVE-2022-37976", "CVE-2022-37979", "CVE-2022-38028", "CVE-2022-38034", "CVE-2022-38045", "CVE-2022-41033", "CVE-2022-41040", "CVE-2022-41043", "CVE-2022-41082"], "modified": "2022-10-12T07:07:54", "id": "THN:0521233945B9471C64D546BD2B006823", "href": "https://thehackernews.com/2022/10/microsoft-patch-tuesday-fixes-new.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-06T06:04:52", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi9curQBhNNFXVb7VMBAzdw4XqdlsRjjQO1TKoTP_j324ubmIjk9pqa624KRULI6wr62I5mCw6kwv5V7wAOuLszOF38jRdG5L0uMRGSF_wbY7B8Tf8xxuDiq7vHa3JRrFkp9bwK0s3z3LdKaWNgmAED48clrraRNSd-7DXt9XvTyxpt1PFJ0gS6hRc6/s728-e100/ms.jpg>)\n\nMicrosoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed.\n\nThe two vulnerabilities, tracked as CVE-2022-41040 and CVE-2022-41082, have been codenamed [ProxyNotShell](<https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html>) due to similarities to another set of flaws called [ProxyShell](<https://thehackernews.com/2021/11/hackers-exploiting-proxylogon-and.html>), which the tech giant resolved last year.\n\nIn-the-wild attacks abusing the [shortcomings](<https://kb.cert.org/vuls/id/915563>) have chained the two flaws to gain remote code execution on compromised servers with elevated privileges, leading to the deployment of web shells.\n\nThe Windows maker, which is yet to release a fix for the bugs, has acknowledged that a single state-sponsored threat actor may have been weaponizing the flaws since August 2022 in limited targeted attacks.\n\nIn the meantime, the company has made available temporary workarounds to reduce the risk of exploitation by restricting known attack patterns through a rule in the IIS Manager.\n\nHowever, according to security researcher Jang ([@testanull](<https://twitter.com/testanull/status/1576774007826718720>)), the URL pattern can be easily circumvented, with senior vulnerability analyst Will Dormann [noting](<https://twitter.com/wdormann/status/1576922677675102208>) that the block mitigations are \"unnecessarily precise, and therefore insufficient.\"\n\n[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhpQsLFSw9UR9_SvNk6WQy9mwfkRcm3XlnjHABkGcn5zq8dy9nknbIRrBwkrbf_VJJvMMFLN_mUcYz8qvRkQqQsJzX0ofT7lPbRq_quwfXfFCfXjlRkKZNj3efBVbrnrgJU3Vi2386QzY6BgMNCEjLdFXD3_yuvqsRn6KGIxA6muukpIgnj2Cmxv06P/s728-e100/ms.jpg>)\n\nMicrosoft has since [revised](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) the URL Rewrite rule (also available as a standalone [PowerShell script](<https://microsoft.github.io/CSS-Exchange/Security/EOMTv2/>)) to take this into account -\n\n * Open IIS Manager\n * Select Default Web Site\n * In the Feature View, click URL Rewrite\n * In the Actions pane on the right-hand side, click Add Rule(s)\u2026\n * Select Request Blocking and click OK\n * Add the string \".*autodiscover\\\\.json.*Powershell.*\" (excluding quotes)\n * Select Regular Expression under Using\n * Select Abort Request under How to block and then click OK\n * Expand the rule and select the rule with the pattern: .*autodiscover\\\\.json.*Powershell.* and click Edit under Conditions\n * Change the Condition input from {URL} to {REQUEST_URI}\n\nIt's not immediately clear when Microsoft plans to push a patch for the two vulnerabilities, but it's possible that they could be shipped as part of Patch Tuesday updates next week on October 11, 2022.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-05T05:31:00", "type": "thn", "title": "Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-06T04:57:27", "id": "THN:5293CFD6ACCF7BFD2EDDE976C7C06C15", "href": "https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-10T04:05:08", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjeUWuPrjVRtuLfvZ08ImJeXt0BdQpRXeQ6I0n0SAV_PvlNadxnD9aN7xs4GdR3dnw4vc_xgBx7ZMfuF4JsmZ8SVjY0DMxorkecTx87m3KMhPPwj-eMcuw7qBH0ZOWX2k0C8AUY_BQjxGr0uihjZw9opxQt8RNXIK3HVcztB-5v-tFUuZFDzyfQoLAw/s728-e100/ms.jpg>)\n\nMicrosoft on Friday [disclosed](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) it has made more improvements to the [mitigation method](<https://thehackernews.com/2022/10/mitigation-for-exchange-zero-days.html>) offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server.\n\nTo that end, the tech giant has revised the blocking rule in IIS Manager from \".*autodiscover\\\\.json.*Powershell.*\" to \"(?=.*autodiscover\\\\.json)(?=.*powershell).\"\n\nThe list of updated steps to add the URL Rewrite rule is below -\n\n * Open IIS Manager\n * Select Default Web Site\n * In the Feature View, click URL Rewrite\n * In the Actions pane on the right-hand side, click Add Rule(s)\u2026 \n * Select Request Blocking and click OK\n * Add the string \"(?=.*autodiscover\\\\.json)(?=.*powershell)\" (excluding quotes)\n * Select Regular Expression under Using\n * Select Abort Request under How to block and then click OK\n * Expand the rule and select the rule with the pattern: (?=.*autodiscover\\\\.json)(?=.*powershell) and click Edit under Conditions\n * Change the Condition input from {URL} to {UrlDecode:{REQUEST_URI}} and then click OK\n\nAlternatively, users can achieve the desired protections by executing a PowerShell-based Exchange On-premises Mitigation Tool ([EOMTv2.ps1](<https://microsoft.github.io/CSS-Exchange/Security/EOMTv2/>)), which has also been updated to take into account the aforementioned URL pattern.\n\nThe [actively-exploited issues](<https://viz.greynoise.io/tag/exchange-proxynotshell-vuln-check?days=30>), called ProxyNotShell (CVE-2022-41040 and CVE-2022-41082), are yet to be addressed by Microsoft, although with Patch Tuesday right around the corner, the wait may not be for long.\n\nSuccessful weaponization of the flaws could enable an authenticated attacker to chain the two vulnerabilities to achieve remote code execution on the underlying server.\n\nThe tech giant, last week, [acknowledged](<https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html>) that the shortcomings may have been abused by a single state-sponsored threat actor since August 2022 in limited targeted attacks aimed at less than 10 organizations worldwide.\n\n**_Update:_** Microsoft, over the weekend, said that it has once again made a correction to the URL string \u2013 \"(?=.*autodiscover)(?=.*powershell)\" \u2013 to be added to the blocking rule in IIS Manager to prevent exploitation attempts.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-08T05:13:00", "type": "thn", "title": "Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-10T03:51:40", "id": "THN:8200D2C2E1DD329D680C5E699177551B", "href": "https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-01T06:04:28", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhgl2CxdfICXD4YylZ3fmq7SfJser8j-42cMqU2vbSAzyQPe4aSApGawM37IvHE5L5BynSmtvS5oS0W37yOuR2b0ADOCJOYaxGMQw4b-7y_tf3n-L3iYrYCIZPkpyGA0JtfdssxXvGwCr54-CPt4mdR96xiq5tuxt8FFVPA2JX3PSijoskfmmIYDwNS/s728-e100/microsoft-exchange-hacking.jpg>)\n\nMicrosoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following [reports of in-the-wild exploitation](<https://thehackernews.com/2022/09/warning-new-unpatched-microsoft.html>).\n\n\"The first vulnerability, identified as [CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>), is a Server-Side Request Forgery ([SSRF](<https://en.wikipedia.org/wiki/Server-side_request_forgery>)) vulnerability, while the second, identified as [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>), allows remote code execution (RCE) when PowerShell is accessible to the attacker,\" the tech giant [said](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>).\n\nThe company also confirmed that it's aware of \"limited targeted attacks\" weaponizing the flaws to obtain initial access to targeted systems, but emphasized that authenticated access to the vulnerable Exchange Server is required to achieve successful exploitation.\n\nThe attacks detailed by Microsoft show that the two flaws are stringed together in an exploit chain, with the SSRF bug enabling an authenticated adversary to remotely trigger arbitrary code execution.\n\nThe Redmond-based company further emphasized that it's working on an \"accelerated timeline\" to push a fix, while urging on premises Microsoft Exchange customers to add a blocking rule in IIS Manager as a temporary workaround to mitigate potential threats.\n\nIt's worth noting that Microsoft Exchange Online Customers are not affected. The steps to add the blocking rule are as follows -\n\n 1. Open the IIS Manager\n 2. Expand the Default Web Site\n 3. Select Autodiscover\n 4. In the Feature View, click URL Rewrite\n 5. In the Actions pane on the right-hand side, click Add Rules\n 6. Select Request Blocking and click OK\n 7. Add String \".*autodiscover\\\\.json.*\\@.*Powershell.*\" (excluding quotes) and click OK\n 8. Expand the rule and select the rule with the Pattern \".*autodiscover\\\\.json.*\\@.*Powershell.*\" and click Edit under Conditions\n 9. Change the condition input from {URL} to {REQUEST_URI}\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {}, "published": "2022-09-30T09:01:00", "type": "thn", "title": "Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-01T05:48:11", "id": "THN:6B72050A86FFDCE9A0B2CF6F44293A1B", "href": "https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-06T16:20:52", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiLG9V9B_xVvwA7aFCGySTOO5wtWjfUUfXnD668vDSJkbzBIm2NPP6g1ky-ViCG-wKLpXABQxIlv8utmjMKQL51hpJiXyYY2TLTY38wdOqX0wsX_F8diipfii3BtEeoyjJyWWMKayJerKNP8K8LA9mMdq2btrtQu479xoi3zF86AABjwbqGkg-1x_DY/s728-e100/ms.jpg>)\n\nMicrosoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the [two newly disclosed zero-day flaws](<https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html>) in a limited set of attacks aimed at less than 10 organizations globally.\n\n\"These attacks installed the Chopper web shell to facilitate hands-on-keyboard access, which the attackers used to perform Active Directory reconnaissance and data exfiltration,\" the Microsoft Threat Intelligence Center (MSTIC) [said](<https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/>) in a new analysis.\n\nThe weaponization of the vulnerabilities is expected to ramp up in the coming days, Microsoft further warned, as malicious actors co-opt the exploits into their toolkits, including deploying ransomware, due to the \"highly privileged access Exchange systems confer onto an attacker.\"\n\nThe tech giant attributed the ongoing attacks with medium confidence to a state-sponsored organization, adding it was already investigating these attacks when the Zero Day Initiative disclosed the flaws to Microsoft Security Response Center (MSRC) earlier last month on September 8-9, 2022.\n\nThe two vulnerabilities have been collectively dubbed [**ProxyNotShell**](<https://doublepulsar.com/proxynotshell-the-story-of-the-claimed-zero-day-in-microsoft-exchange-5c63d963a9e9>), owing to the fact that \"it is the same path and SSRF/RCE pair\" as [ProxyShell](<https://thehackernews.com/2021/11/hackers-exploiting-proxylogon-and.html>) but with authentication, suggesting an incomplete patch.\n\nThe issues, which are strung together to achieve remote code execution, are listed below -\n\n * [**CVE-2022-41040**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>) (CVSS score: 8.8) - Microsoft Exchange Server Elevation of Privilege Vulnerability\n * [**CVE-2022-41082**](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>) (CVSS score: 8.8) - Microsoft Exchange Server Remote Code Execution Vulnerability\n\n\"While these vulnerabilities require authentication, the authentication needed for exploitation can be that of a standard user,\" Microsoft said. \"Standard user credentials can be acquired via many different attacks, such as password spray or purchase via the cybercriminal economy.\"\n\n[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjDHuP8RcawOweo1l6ugi9Ob9HAQv5FloiZoBENRZJT1OGy1-icUmXQvdS86HsNfrxOCd9PP7M0XaqOZf1bLcVGic0MzVny5fGJtRDkn9gJzNIkyRzbf0NI5KIZSFcJkY_K7_R4TE6PtOAWo3h_NhgHlKy4YxwtTGQVxWAPzI6FaEI3z9CMmjvAJYMUZA/s728-e100/ms.jpg>)\n\nThe vulnerabilities were [first discovered](<https://thehackernews.com/2022/09/warning-new-unpatched-microsoft.html>) by Vietnamese cybersecurity company GTSC as part of its incident response efforts for an unnamed customer in August 2022. A Chinese threat actor is suspected to be behind the intrusions.\n\nThe development comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) [added](<https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/cisa-adds-three-known-exploited-vulnerabilities-catalog>) the two Microsoft Exchange Server zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the patches by October 21, 2022.\n\nMicrosoft said that it's working on an \"accelerated timeline\" to release a fix for the shortcomings. It has also [published a script](<https://aka.ms/EOMTv2>) for the following URL Rewrite mitigation steps that it said is \"successful in breaking current attack chains\" -\n\n * Open IIS Manager\n * Select Default Web Site\n * In the Feature View, click URL Rewrite\n * In the Actions pane on the right-hand side, click Add Rule(s)\u2026 \n * Select Request Blocking and click OK\n * Add the string \".*autodiscover\\\\.json.*\\@.*Powershell.*\" (excluding quotes)\n * Select Regular Expression under Using\n * Select Abort Request under How to block and then click OK\n * Expand the rule and select the rule with the pattern .*autodiscover\\\\.json.*\\@.*Powershell.* and click Edit under Conditions.\n * Change the Condition input from {URL} to {REQUEST_URI}\n\nAs additional prevention measures, the company is urging companies to enforce multi-factor authentication (MFA), disable [legacy authentication](<https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/block-legacy-authentication#moving-away-from-legacy-authentication>), and educate users about [not accepting](<https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html>) unexpected two-factor authentication (2FA) prompts.\n\n\"Microsoft Exchange is a juicy target for threat actors to exploit for two primary reasons,\" Travis Smith, vice president of malware threat research at Qualys, told The Hacker News.\n\n\"First, Exchange [...] being directly connected to the internet creates an attack surface which is accessible from anywhere in the world, drastically increasing its risk of being attacked. Secondly, Exchange is a mission critical function -- organizations can't just unplug or turn off email without severely impacting their business in a negative way.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-01T06:36:00", "type": "thn", "title": "State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-06T12:45:52", "id": "THN:A5B36072ED31304F26AF0879E3E5710E", "href": "https://thehackernews.com/2022/10/state-sponsored-hackers-likely.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-22T04:09:51", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhTLGmaNN3OFFmSILTclxE-UymYSclEFgrwvp76liyrsFGtPk5wpNGVl-AXdppW10UvY5aPmtLoqkxVC3ifpEx9XH3JarmYqPPQtscOXnAMl0K3lHF2nV6pcyicT2bu5U9BbJFd6hbBBVHswmATwzgzQEMc6GEUPcs4-k1yW0cjoEdfsN0LDRvVh5Ty/s728-e100/email-hacking.png>)\n\nThreat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access ([OWA](<https://en.wikipedia.org/wiki/Outlook_on_the_web>)).\n\n\"The new exploit method bypasses [URL rewrite mitigations](<https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html>) for the [Autodiscover endpoint](<https://learn.microsoft.com/en-us/exchange/architecture/client-access/autodiscover>),\" CrowdStrike researchers Brian Pitchford, Erik Iker, and Nicolas Zilio [said](<https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/>) in a technical write-up published Tuesday.\n\nPlay ransomware, which first surfaced in June 2022, has been [revealed](<https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html>) to adopt many tactics employed by other ransomware families such as [Hive](<https://thehackernews.com/2022/11/hive-ransomware-attackers-extorted-100.html>) and [Nokoyawa](<https://www.trendmicro.com/en_us/research/22/c/nokoyawa-ransomware-possibly-related-to-hive-.html>), the latter of which [upgraded to Rust](<https://www.zscaler.com/blogs/security-research/nokoyawa-ransomware-rust-or-bust>) in September 2022.\n\nThe cybersecurity company's investigations into several Play ransomware intrusions found that initial access to the target environments was not achieved by directly exploiting [CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>), but rather through the OWA endpoint.\n\nDubbed **OWASSRF**, the technique likely takes advantage of another critical flaw tracked as [CVE-2022-41080](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080>) (CVSS score: 8.8) to achieve privilege escalation, followed by abusing [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>) for remote code execution.\n\n[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEh59pwm9Kxv252Uv99amN02oXTHDo8okfVqDQEPqxZy2wZk0tCTHx16xDzABz2QYvABQfBENatlbN2owTSezPh4jYOK-0bGPr_JyWKUPsX1nnLeX5X9za6Rfk5c-juoJI5Q9NT97ANp9X64VSnb_EWUp5s1jYoZJap_uzgruqlI0kYKYqqtMvM5hZQm/s728-e100/email-security.png>)\n\nIt's worth noting that both CVE-2022-41040 and CVE-2022-41080 stem from a case of server-side request forgery ([SSRF](<https://owasp.org/www-community/attacks/Server_Side_Request_Forgery>)), which permits an attacker to access unauthorized internal resources, in this case the [PowerShell remoting](<https://learn.microsoft.com/en-us/powershell/exchange/exchange-management-shell>) service.\n\nCrowdStrike said the successful initial access enabled the adversary to drop legitimate Plink and AnyDesk executables to maintain persistent access as well as take steps to purge Windows Event Logs on infected servers to conceal the malicious activity.\n\nAll three vulnerabilities were addressed by Microsoft as part of its [Patch Tuesday updates](<https://thehackernews.com/2022/11/install-latest-windows-update-asap.html>) for November 2022. It's, however, unclear if CVE-2022-41080 was actively exploited as a zero-day alongside CVE-2022-41040 and CVE-2022-41082.\n\nThe Windows maker, for its part, has tagged CVE-2022-41080 with an \"Exploitation More Likely\" assessment, implying it's possible for an attacker to create exploit code that could be utilized to reliably weaponize the flaw.\n\nCrowdStrike further noted that a proof-of-concept (PoC) Python script [discovered](<https://twitter.com/Purp1eW0lf/status/1602989967776808961>) and leaked by Huntress Labs researcher Dray Agha last week may have been put to use by the Play ransomware actors for initial access.\n\nThis is evidenced by the fact that the execution of the Python script made it possible to \"replicate the logs generated in recent Play ransomware attacks.\"\n\n\"Organizations should apply the November 8, 2022 patches for Exchange to prevent exploitation since the URL rewrite mitigations for ProxyNotShell are not effective against this exploit method,\" the researchers said.\n\n \n\n\nFound this article interesting? Follow us on [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-21T07:41:00", "type": "thn", "title": "Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41080", "CVE-2022-41082"], "modified": "2022-12-22T03:36:49", "id": "THN:DF2B360775F2B7F0C76A360FDA254FBA", "href": "https://thehackernews.com/2022/12/ransomware-hackers-using-new-way-to.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-07T18:11:10", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhIkYkTBU5KJGFe1OgGLpYygDiWxeko_-avcEdQlausI60efbG2CTSjXoushTX82kWSNdNGwqru9TyK8Ohoh9Af2DlFFuzSZEDV0NH_rRPaEYUi86D_fRS5OutucQG2fb-8zydnRbryW1mN5kn5PUKySHDQ1UTPRbRWn1T-eB2NPm0Jh80Md9edRKdq/s728-rj-e365/rackspace-breach.png>)\n\nCloud services provider Rackspace on Thursday confirmed that the ransomware gang known as **Play** was responsible for last month's breach.\n\nThe security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment.\n\n\"This zero-day exploit is associated with [CVE-2022-41080](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41080>),\" the Texas-based company [said](<https://status.apps.rackspace.com/index/viewincidents?group=2>). \"Microsoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for [it] being part of a remote code execution chain that was exploitable.\"\n\nRackspace's forensic investigation found that the threat actor accessed the Personal Storage Table ([.PST](<https://en.wikipedia.org/wiki/Personal_Storage_Table>)) of 27 customers out of a total of nearly 30,000 customers on the Hosted Exchange email environment.\n\nHowever, the company said there is no evidence the adversary viewed, misused, or distributed the customer's emails or data from those personal storage folders. It further said it intends to retire its Hosted Exchange platform as part of a planned migration to Microsoft 365.\n\nIt's not currently not known if Rackspace paid a ransom to the cybercriminals, but the disclosure follows a report from CrowdStrike last month that shed light on the new technique, dubbed [OWASSRF](<https://thehackernews.com/2022/12/ransomware-hackers-using-new-way-to.html>), employed by the Play ransomware actors.\n\nThe mechanism targets Exchange servers that are unpatched against the ProxyNotShell vulnerabilities ([CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>) and [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>)) but have in place URL rewrite mitigations for the Autodiscover endpoint.\n\nThis involves an exploit chain comprising CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution in a manner that bypasses the blocking rules through Outlook Web Access (OWA). The flaws were addressed by Microsoft in November 2022.\n\nThe Windows maker, in a statement shared with The Hacker News, urged customers to prioritize installing its [November 2022 Exchange Server updates](<https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2022-exchange-server-security-updates/ba-p/3669045>) and noted that the reported method targets vulnerable systems that have not applied the latest fixes.\n\n \n\n\nFound this article interesting? Follow us on [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-06T09:01:00", "type": "thn", "title": "Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-41040", "CVE-2022-41080", "CVE-2022-41082"], "modified": "2023-01-07T17:47:30", "id": "THN:A356406D6A8ADF4F4592DBAAEB6CDA74", "href": "https://thehackernews.com/2023/01/rackspace-confirms-play-ransomware-gang.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-19T18:07:07", "description": "[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi-Qj4H60yBEMC5f-_0JGD02J2wg0ZC_FI9TiEt-_4u9MqG5akmevGn28p1vkyeEok0GuDb1cmCeS-dKv4s9E9MAyuemdwhbNSyLxRxEo4ASVcE07gf6uHoE6u0DVBxU0iIkAyqu0iUBYeL9ZqCg6o6FL-pAlkZMqJQQ2RJ3GPav1RL0F1B98MWXdph/s728-e100/xss.jpg>)\n\nCybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster.\n\nThe vulnerability, tracked as [CVE-2022-35829](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35829>), carries a CVSS severity rating of 6.2 and was addressed by Microsoft as part of its [Patch Tuesday updates](<https://thehackernews.com/2022/10/microsoft-patch-tuesday-fixes-new.html>) last week.\n\nOrca Security, which [discovered and reported](<https://orca.security/resources/blog/fabrixss-vulnerability-azure-fabric-explorer>) the flaw to the tech giant on August 11, 2022, dubbed the vulnerability **FabriXss** (pronounced \"fabrics\"). It impacts Azure Fabric Explorer version 8.1.316 and prior.\n\nSFX is described by Microsoft as an [open-source tool](<https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-visualizing-your-cluster>) for inspecting and managing [Azure Service Fabric](<https://azure.microsoft.com/en-us/products/service-fabric/#overview>) clusters, a distributed systems platform that's used to build and deploy microservices-based cloud applications.\n\n[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhlv6AcbH6jn-NIGnUXG3TWO9cCNMzXDiRP8ek0A2v-JjjKpWBDbHF0T2_zCD0BIIGmD6w4zpCTDGDqHPLQ4JPvLVgzMOWuxeZ3ywScMhF6jKNn4ypJShVSUfchScSpXSfWOVZ0FaUT9ajPZjDuQBm-GqzLg4n83nC0UaYwrMloG7RMp_JTnT_SAhck/s728-e100/1.jpg>)\n\nThe vulnerability is rooted in the fact that a user with [permissions](<https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-fabric-settings#securityclientaccess>) to \"Create Compose Application\" through the SFX client can leverage the privileges to create a rogue app and abuse a stored cross-site scripting ([XSS](<https://www.imperva.com/learn/application-security/cross-site-scripting-xss-attacks/>)) flaw in the \"Application name\" field to slip the payload.\n\nArmed with this exploit, an adversary can send the specially crafted input during the application creation step, eventually leading to its execution.\n\n[](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjo7yU5UFWOJmEjrm0lhcjgdLF336mtXD309IUavrO_XOamR_ZquJWhrotBSY8rd5VgFJ_ijYoCRM3P0nzcwkJ9h4n0gfMwxqqqFMasL_1BXTFRDi9doHCNqLw2MkbNwDz2OvoJWG7jvzIMRt15bi29m5sNikAXhtw95kcEfvsxGlwh3Ec0dzOOlawm/s728-e100/demo.gif>)\n\n\"This includes performing a Cluster Node reset, which erases all customized settings such as passwords and security configurations, allowing an attacker to create new passwords and gain full [Administrator permissions](<https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-security-roles>),\" Orca Security researchers Lidor Ben Shitrit and Roee Sagi said.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-19T13:18:00", "type": "thn", "title": "Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-35829"], "modified": "2022-10-19T13:18:20", "id": "THN:4D36CE3A789B029A11C5EDD1CA0AA8A0", "href": "https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "avleonov": [{"lastseen": "2022-10-29T17:09:42", "description": "Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source [Vulristics](<https://github.com/leonov-av/vulristics>) project to create the report.\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239106>\n \n \n $ cat comments_links.txt \n Qualys|October 2022 Patch Tuesday|https://blog.qualys.com/vulnerabilities-threat-research/2022/10/11/october-2022-patch-tuesday\n ZDI|THE OCTOBER 2022 SECURITY UPDATE REVIEW|https://www.zerodayinitiative.com/blog/2022/10/11/the-october-2022-security-update-review\n \n $python3.8 process_classify_ms_products.py # Automated classifier for Microsoft products\n \n $ python3.8 vulristics.py --report-type \"ms_patch_tuesday_extended\" --mspt-year 2022 --mspt-month \"October\" --mspt-comments-links-path \"comments_links.txt\" --rewrite-flag \"True\"\n ...\n MS PT Year: 2022\n MS PT Month: October\n MS PT Date: 2022-10-11\n MS PT CVEs found: 84\n Ext MS PT Date from: 2022-09-14\n Ext MS PT Date to: 2022-10-10\n Ext MS PT CVEs found: 21\n ALL MS PT CVEs: 105\n ...\n\nAll vulnerabilities: 105 \nUrgent: 2 \nCritical: 1 \nHigh: 29 \nMedium: 71 \nLow: 2\n\nLet&#x27;s take a look at the most interesting vulnerabilities:\n\n 1. Two vulnerabilities **Remote Code Execution** - Microsoft Exchange (CVE-2022-41040, CVE-2022-41082). This is the hyped ProxyNotShell, that were disclosed on September 28. The first CVE is a **Server-Side Request Forgery (SSRF)** vulnerability, and the second one allows **Remote Code Execution (RCE)** when PowerShell is accessible to the attacker. While Microsoft was relatively [quick to acknowledge the vulnerabilities](<https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/>) and provide mitigation steps, their guidance has continually changed as the recommended rules to block attack traffic get bypassed. There were no patches for more than a month. At the same time, there are public exploits and signs of exploitation in the wild. Let&#x27;s wait for patches to appear on the Microsoft website on the pages for [CVE-2022-41040](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040>) and [CVE-2022-41082](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082>).\n 2. **Elevation of Privilege** - Windows COM+ Event System Service (CVE-2022-41033). This patch fixes a bug that Microsoft lists as being used in active attacks. The impact of exploitation is loss of confidentiality, integrity, and availability. Microsoft has not disclosed how the vulnerability is being exploited or if it is being exploited in targeted or more widespread attacks. They only say that the attack complexity is low and that it requires no user interaction for the attacker to be able to achieve SYSTEM privileges. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\n 3. In this Patch Tuesday, there were 3 vulnerabilities for which the existence of a publicly available exploit was mentioned in the Microsoft CVSS Temporal Score (Proof-of-Concept Exploit). VM vendors didn&#x27;t write much about them. But it seems to me that the existence of a non-public PoC is an important enough factor to draw attention to these vulnerabilities: **Remote Code Execution** - Windows Point-to-Point Tunneling Protocol (CVE-2022-38000), **Elevation of Privilege** - Windows Graphics Component (CVE-2022-38051), **Spoofing** - Microsoft Edge (CVE-2022-41035).\n 4. **Elevation of Privilege** - Active Directory (CVE-2022-37976). A malicious DCOM client could force a DCOM server to authenticate to it through the Active Directory Certificate Service (ADCS) and use the credential to launch a cross-protocol attack. An attacker who successfully exploited this vulnerability could gain domain administrator privileges. Exploitability Assessment: Exploitation Less Likely.\n 5. **Elevation of Privilege** - Azure Arc-enabled Kubernetes cluster Connect (CVE-2022-37968). This vulnerability has CVSSv3 score of 10, the highest possible rating. An unauthenticated attacker could exploit this vulnerability in order to gain administrative privileges for a Kubernetes cluster. While updates have been released, users that do not have auto-upgrade enabled must take action to manually upgrade Azure Arc-enabled Kubernetes clusters.\n 6. **Remote Code Execution** - Microsoft Office (CVE-2022-38048). This bug was reported to the ZDI (Zero Day Initiative) by the researcher known as \u201chades_kito\u201d and represents a rare Critical-rated Office bug. Most Office vulnerabilities are rated Important since they involve user interaction \u2013 typically opening a file. An exception to that is when the Preview Pane is an attack vector, however, Microsoft states that isn\u2019t the case here. Likely the rating results from the lack of warning dialogs when opening a specially crafted file.\n\nFull Vulristics report: [ms_patch_tuesday_october2022](<https://avleonov.com/vulristics_reports/ms_patch_tuesday_october2022_report_with_comments_ext_img.html>)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-10-29T08:37:59", "type": "avleonov", "title": "Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-37968", "CVE-2022-37976", "CVE-2022-38000", "CVE-2022-38048", "CVE-2022-38051", "CVE-2022-41033", "CVE-2022-41035", "CVE-2022-41040", "CVE-2022-41082"], "modified": "2022-10-29T08:37:59", "id": "AVLEONOV:58634A9ABF4922115976139024831EB9", "href": "https://avleonov.com/2022/10/29/microsoft-patch-tuesday-october-2022-exchange-proxynotshell-rce-windows-com-eop-ad-eop-azure-arc-kubernetes-eop/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mscve": [{"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37988", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37988", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38037", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38037", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-38022", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38022", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37991", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37991", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:49", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37995", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37995", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38039", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38039", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37990", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37990", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Kernel Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38038", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38038", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:56", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-22035", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22035", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38000", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38000", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:56", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-33634", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-33634", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38047", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38047", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:56", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-30198", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30198", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41081", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41081", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:56", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-24504", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24504", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41037.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41038", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41038", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41037", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41037", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41037, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41036", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41036", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41036, CVE-2022-41037, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38053", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38053", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:49", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37999.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37994", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37994", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:49", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37994, CVE-2022-37999.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37993", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37993", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37994.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37999", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37999", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37997.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Graphics Component Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37997", "CVE-2022-38051"], "modified": "2022-10-18T07:00:00", "id": "MS:CVE-2022-38051", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38051", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-38051.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Graphics Component Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37997", "CVE-2022-38051"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37997", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37997", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:51", "description": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37982.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37982", "CVE-2022-38031"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38031", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38031", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:51", "description": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38031.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37982", "CVE-2022-38031"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37982", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37982", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Windows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37973.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Local Session Manager (LSM) Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37973", "CVE-2022-37998"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37998", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37998", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Windows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37998.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Local Session Manager (LSM) Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37973", "CVE-2022-37998"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-37973", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37973", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:50", "description": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37987.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37987", "CVE-2022-37989"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37989", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37989", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:55", "description": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37989.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-37987", "CVE-2022-37989"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-37987", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37987", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38036"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38036", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38036", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:52", "description": "Windows Distributed File System (DFS) Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Distributed File System (DFS) Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38025"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38025", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38025", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Visual Studio Code Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Visual Studio Code Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-41083"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41083", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41083", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:53", "description": "Visual Studio Code Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Visual Studio Code Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-41034"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41034", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41034", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Microsoft Office Graphics Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft Office Graphics Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38049"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38049", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38049", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Visual Studio Code Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 4.0}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Visual Studio Code Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-41042"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41042", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41042", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:51", "description": "Windows USB Serial Driver Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows USB Serial Driver Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38030"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38030", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38030", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Web Account Manager Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Web Account Manager Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38046"], "modified": "2022-11-08T08:00:00", "id": "MS:CVE-2022-38046", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38046", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:55", "description": "Service Fabric Explorer Spoofing Vulnerability.", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Service Fabric Explorer Spoofing Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-35829"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-35829", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35829", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:54", "description": "Win32k Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Win32k Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38050"], "modified": "2022-10-18T07:00:00", "id": "MS:CVE-2022-38050", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38050", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:52", "description": "Windows Storage Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Storage Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38027"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38027", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38027", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Microsoft Word Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Microsoft Word Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-41031"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-41031", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41031", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:51", "description": "Windows Print Spooler Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Print Spooler Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38028"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38028", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38028", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:52", "description": "Windows DHCP Client Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows DHCP Client Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38026"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-38026", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38026", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:56", "description": "Windows GDI+ Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows GDI+ Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-33635"], "modified": "2022-10-11T07:00:00", "id": "MS:CVE-2022-33635", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-33635", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-17T02:31:48", "description": "Server Service Remote Protocol Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mscve", "title": "Windows Server Service Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38045"], "modified": "2022-11-18T08:00:00", "id": "MS:CVE-2022-38045", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38045", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-02-09T14:37:55", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38039", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-12T17:12:00", "cpe": ["cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38039", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38039", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:53", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38037", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-11-09T04:02:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38037", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38037", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:53", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38038", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2023-01-19T03:26:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38038", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:51", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38022", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-11-14T14:47:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38022", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38022", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:47", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37995", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-12T14:04:00", "cpe": ["cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37995", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37995", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:46", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37990", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-10-12T14:27:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37990", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37990", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:45", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37988", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2022-12-09T19:39:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37988", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37988", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:46", "description": "Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37991", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37988", "CVE-2022-37990", "CVE-2022-37991", "CVE-2022-37995", "CVE-2022-38022", "CVE-2022-38037", "CVE-2022-38038", "CVE-2022-38039"], "modified": "2023-01-19T03:25:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37991", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37991", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:47", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38000", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T13:06:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38000", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:24:15", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-30198", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T14:41:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-30198", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30198", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:13:41", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-24504", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T14:41:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-24504", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24504", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:07:55", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-22035", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T14:40:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-22035", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22035", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:43:38", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-38047.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41081", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-12T17:14:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-41081", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41081", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:55", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38047", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T15:55:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38047", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38047", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:30:12", "description": "Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-38000, CVE-2022-38047, CVE-2022-41081.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-33634", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-22035", "CVE-2022-24504", "CVE-2022-30198", "CVE-2022-33634", "CVE-2022-38000", "CVE-2022-38047", "CVE-2022-41081"], "modified": "2022-10-13T14:41:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-33634", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33634", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:43:34", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41037.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41038", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-12T16:50:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:-", "cpe:/a:microsoft:sharepoint_server:2016", "cpe:/a:microsoft:sharepoint_server:2019"], "id": "CVE-2022-41038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41038", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-02-09T14:43:35", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41037", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-12T16:51:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:-", "cpe:/a:microsoft:sharepoint_server:2016", "cpe:/a:microsoft:sharepoint_server:2019"], "id": "CVE-2022-41037", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41037", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-02-09T14:43:36", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41037, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41036", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-12T16:51:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:-", "cpe:/a:microsoft:sharepoint_server:2016", "cpe:/a:microsoft:sharepoint_server:2019"], "id": "CVE-2022-41036", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41036", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-02-09T14:37:55", "description": "Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41036, CVE-2022-41037, CVE-2022-41038.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38053", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-13T15:43:00", "cpe": ["cpe:/a:microsoft:sharepoint_enterprise_server:2013", "cpe:/a:microsoft:sharepoint_enterprise_server:2016", "cpe:/a:microsoft:sharepoint_server:-", "cpe:/a:microsoft:sharepoint_foundation:2013", "cpe:/a:microsoft:sharepoint_server:2019"], "id": "CVE-2022-38053", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38053", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:52", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37994.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37999", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-13T13:19:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37999", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37999", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:48", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37999.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37994", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-12T14:04:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37994", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37994", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:48", "description": "Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37994, CVE-2022-37999.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37993", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37993", "CVE-2022-37994", "CVE-2022-37999"], "modified": "2022-10-12T14:47:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37993", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37993", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:56", "description": "Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37997.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38051", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37997", "CVE-2022-38051"], "modified": "2022-10-13T15:50:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38051", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:47", "description": "Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-38051.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37997", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37997", "CVE-2022-38051"], "modified": "2022-10-13T14:23:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37997", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37997", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:52", "description": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37982.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38031", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37982", "CVE-2022-38031"], "modified": "2022-10-12T17:11:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38031", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:44", "description": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38031.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37982", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37982", "CVE-2022-38031"], "modified": "2022-10-13T14:22:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37982", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37982", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:37:47", "description": "Windows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37973.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37998", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37973", "CVE-2022-37998"], "modified": "2022-10-13T13:19:00", "cpe": ["cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37998", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37998", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:43", "description": "Windows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37998.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37973", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37973", "CVE-2022-37998"], "modified": "2022-11-14T15:09:00", "cpe": ["cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37973", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37973", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*"]}, {"lastseen": "2023-02-09T14:37:45", "description": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37987.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37989", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37987", "CVE-2022-37989"], "modified": "2022-10-12T15:14:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37989", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37989", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:47", "description": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37989.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-37987", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-37987", "CVE-2022-37989"], "modified": "2022-10-12T14:56:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-37987", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37987", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:52", "description": "Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38036", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38036"], "modified": "2022-10-12T17:16:00", "cpe": ["cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2022-38036", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38036", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*"]}, {"lastseen": "2023-02-09T14:37:52", "description": "Windows Distributed File System (DFS) Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38025", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38025"], "modified": "2022-10-12T17:06:00", "cpe": ["cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:22h2"], "id": "CVE-2022-38025", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38025", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:43:40", "description": "Visual Studio Code Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41083", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-41083"], "modified": "2022-10-12T17:14:00", "cpe": [], "id": "CVE-2022-41083", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41083", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-02-09T14:37:55", "description": "Microsoft Office Graphics Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38049", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38049"], "modified": "2022-10-13T15:51:00", "cpe": ["cpe:/a:microsoft:office:2019", "cpe:/a:microsoft:365_apps:-", "cpe:/a:microsoft:office_long_term_servicing_channel:2021"], "id": "CVE-2022-38049", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38049", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-02-09T14:43:34", "description": "Visual Studio Code Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41034", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-41034"], "modified": "2022-10-13T15:20:00", "cpe": [], "id": "CVE-2022-41034", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41034", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-02-09T14:43:34", "description": "Visual Studio Code Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 4.0}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41042", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-41042"], "modified": "2022-10-12T17:15:00", "cpe": ["cpe:/a:microsoft:visual_studio_code:-"], "id": "CVE-2022-41042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41042", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:visual_studio_code:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:51", "description": "Windows USB Serial Driver Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38030", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38030"], "modified": "2022-10-12T17:19:00", "cpe": ["cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38030", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-10T17:31:27", "description": "Web Account Manager Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38046", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38046"], "modified": "2023-02-10T16:17:00", "cpe": ["cpe:/o:microsoft:windows_10:21h2", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-"], "id": "CVE-2022-38046", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38046", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:33:57", "description": "Service Fabric Explorer Spoofing Vulnerability.", "cvss3": {"exploitabilityScore": 1.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-35829", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-35829"], "modified": "2022-10-14T14:50:00", "cpe": ["cpe:/a:microsoft:azure_service_fabric:-"], "id": "CVE-2022-35829", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35829", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:azure_service_fabric:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:56", "description": "Win32k Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38050", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38050"], "modified": "2022-10-13T15:51:00", "cpe": ["cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38050", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38050", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:43:33", "description": "Microsoft Word Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-41031", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-41031"], "modified": "2022-10-13T15:37:00", "cpe": ["cpe:/a:microsoft:office:2019", "cpe:/a:microsoft:365_apps:-", "cpe:/a:microsoft:office_long_term_servicing_channel:2021"], "id": "CVE-2022-41031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41031", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*", "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*", "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*"]}, {"lastseen": "2023-02-09T14:37:53", "description": "Windows Storage Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38027", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38027"], "modified": "2022-10-12T16:52:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38027", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:51", "description": "Windows Print Spooler Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38028", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38028"], "modified": "2022-10-12T17:11:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38028", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:52", "description": "Windows DHCP Client Information Disclosure Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38026", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38026"], "modified": "2022-10-12T16:52:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38026", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38026", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:30:10", "description": "Windows GDI+ Remote Code Execution Vulnerability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-33635", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-33635"], "modified": "2022-10-12T14:36:00", "cpe": ["cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-33635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33635", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-02-09T14:37:55", "description": "Server Service Remote Protocol Elevation of Privilege Vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38045", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38045"], "modified": "2022-12-05T20:23:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38045", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:37:53", "description": "Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.", "cvss3": {"exploitabilityScore": 0.7, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T19:15:00", "type": "cve", "title": "CVE-2022-38032", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-38032"], "modified": "2022-12-15T17:28:00", "cpe": ["cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_11:22h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:21h1", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2022:-", "cpe:/o:microsoft:windows_11:-", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:21h2"], "id": "CVE-2022-38032", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-38032", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:22h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*"]}], "mskb": [{"lastseen": "2023-03-15T10:44:59", "description": "None\n## Summary\n\nThis security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: \n\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41036>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41037](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41037>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41038](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41038>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-38053](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38053>)\n\n**Notes: **\n\n * This is build **16.0.5365.1000** of the security update package.\n * To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on the computer.\n\nThis public update delivers Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 contains the following feature:\n\n * SharePoint Framework (SPFx)\nThis public update also delivers all the features that were included in Feature Pack 1 for SharePoint Server 2016, including:\n * Administrative Actions Logging\n * MinRole enhancements\n * SharePoint Custom Tiles\n * Hybrid Taxonomy\n * OneDrive API for SharePoint on-premises\n * OneDrive for Business modern user experience (available to Software Assurance customers)\nThe OneDrive for Business modern user experience requires an active Software Assurance contract at the time that the experience is enabled, either by installation of the public update or by manual enablement. If you don't have an active Software Assurance contract at the time of enablement, you must turn off the OneDrive for Business modern user experience.For more information, see the following Microsoft Docs articles:\n * [New features included in the November 2016 Public Update for SharePoint Server 2016 (Feature Pack 1)](<https://docs.microsoft.com/sharepoint/what-s-new/new-features-november-2016>)\n * [New features included in the September 2017 Public Update for SharePoint Server 2016 (Feature Pack 2)](<https://docs.microsoft.com/sharepoint/what-s-new/new-feature-in-feature-pack-2>)\n\n## Improvements and fixes\n\nThis security update improves the least-privileged configuration of the SharePoint farm service account in Microsoft SQL Server in SharePoint Enterprise Server 2016.\n\n## Known issues in this update\n\nThis update might affect some SharePoint 2010 workflow scenarios. It also generates \"6ksbk\" event tags in SharePoint Unified Logging System (ULS) logs. For more information, see SharePoint 2010 workflows might be blocked by enhanced security policy (KB5020238).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/Search.aspx?q=KB5002287>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 5002287 for the 64-bit version of SharePoint Enterprise Server 2016](<http://www.microsoft.com/download/details.aspx?familyid=f2c85278-fbef-4d52-8223-5acd2789da91>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [Deployments - Security Update Guide](<https://msrc.microsoft.com/update-guide/deployments>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [5002269](<https://support.microsoft.com/kb/5002269>).\n\n### File hash information\n\nFile name| SHA256 hash \n---|--- \nsts2016-kb5002287-fullfile-x64-glb.exe| 78370E677EBFFE60737DB10993DAB8B20409D15977B07DDA39A92C72146EE6C7 \n \n### File information\n\nDownload [the list of files that are included in security update 5002287](<https://download.microsoft.com/download/b/0/8/b08094de-5fac-4299-9fc3-02d6fab708e9/5002287.csv>).\n\n## Information about protection and security\n\nProtect yourself online: [Windows Security support](<https://support.microsoft.com/hub/4099151>)Learn how we guard against cyber threats: [Microsoft Security](<https://www.microsoft.com/security>)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-11T07:00:00", "type": "mskb", "title": "Description of the security update for SharePoint Enterprise Server 2016: October 11, 2022 (KB5002287)", "bulletinFamily": "microsoft", "cvss2": {}, "cvelist": ["CVE-2022-38053", "CVE-2022-41036", "CVE-2022-41037", "CVE-2022-41038"], "modified": "2022-10-11T07:00:00", "id": "KB5002287", "href": "https://support.microsoft.com/en-us/help/5002287", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-15T10:45:02", "description": "None\n## Summary\n\nThis security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: \n\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41036](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41036>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41037](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41037>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-41038](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41038>)\n * [Microsoft Common Vulnerabilities and Exposures CVE-2022-38053](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38053>)\n\n**Notes: **\n\n * This is build **16.0.15601.20158** of the security update package.\n * To apply this security update, you must have the release version of Microsoft SharePoint Server Subscription Edition installed on the computer.\n\n## Improvements and fixes\n\nThis security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server Subscription Edition:\n\n * Fixes an issue in which item content types aren't shown correctly when you create an item in the list view of the classic document library web part that has Office Online Server configured.\n * Fixes an issue in which users are prompted to sign in on classic team sites even though anonymous access is enabled.\n * Fixes an accessibility issue in which the content is truncated on the team site page after the page is resized to 400 percent when you set the display resolution to 1280*1024.\n * Fixes an accessibility issue in which the content is truncated in an activity web part on the home page after you apply text spacing.\n * Fixes an issue in which you cannot select a folder name that includes a number sign (#) character in Tree view.\n * Fixes an issue in which you cannot open Microsoft OneNote through a web view link.\n * Fixes an issue in which the keyboard focus indicator is truncated in the \"Header\" section.\n * Improves the least-privileged configuration of the SharePoint farm service account in Microsoft SQL Server. \nThis security update also enables you to configure multiple client identifiers in an OIDC-enabled SPTrustedIdentityTokenIssuer. For example, you can run the following cmdlet:Set-SPTrustedIdentityTokenIssuer -Identity &lt;name&gt; -ScopedClientIdentifier Dictionary&lt;Uri,string&gt; -IsOpenIDConnect \n\n## Known issues in this update\n\nThis update might affect some SharePoint 2010 workflow scenarios. It also generates \"6ksbk\" event tags in SharePoint Unified Logging System (ULS) logs. For more information, see SharePoint 2010 workflows might be blocked by enhanced security policy (KB5020238).\n\n## How to get and install the update\n\n### Method 1: Microsoft Update\n\nThis update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see [Windows Update: FAQ](<https://support.microsoft.com/help/12373/windows-update-faq>).\n\n### Method 2: Microsoft Update Catalog\n\nTo get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB5002290>) website.\n\n### Method 3: Microsoft Download Center\n\nYou can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.\n\n * [Download security update 5002290 for the 64-bit version of SharePoint Server Subscription Edition](<http://www.microsoft.com/download/details.aspx?familyid=b93b3f31-da48-4ee6-9653-7a65132adb56>)\n\n## More information\n\n### Security update deployment information\n\nFor deployment information about this update, see [Deployments - Security Update Guide](<https://msrc.microsoft.com/update-guide/deployments>).\n\n### Security update replacement information\n\nThis security update replaces previously released security update [5002271](<https://support.microsoft.com/kb/5002271>).\n\n### File hash information\n\nFile name| SHA256 hash \n---|--- \nsts-subscription-kb5002290-fullfile-x64-glb.exe| 1A25F4E30D4FE3B7A11CF174316DA376824BF3FE08A9A90595C88C05ACF030D5 \n \n### File information\n\nThe English (United States) version of this software update installs files that have the attributes that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.\n\n#### \n\n__\n\nFor all supported x64-based versions of SharePoint Server Subscription Edition\n\nFile identifier| File name| File version| File size| Date| Time \n---|---|---|---|---|--- \nmicrosoft.ceres.interactionengine.services.dll| microsoft.ceres.interactionengine.services.dll| 16.0.15601.20072| 105880| 14-Sep-22| 08:01 \nnl7models000a.dll_osssearch| nl7models000a.dll| 16.0.15601.20072| 5445648| 14-Sep-22| 08:01 \nsts_spclientnewux785f9104454d8161f772031cee1f9767| 24.officebrowserfeedback-floodgate.js| | 403272| 14-Sep-22| 08:01 \nsts_spclientnewuxe842d74f8bb0760b55d7f43f35d0d7a7| sp-newsfeed-webpart-bundle.js| | 142772| 14-Sep-22| 08:01 \nconversion.proof.mshy2_hu.dll| mshy7hu.dll| 16.0.15601.20072| 160208| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.admin.dll| microsoft.ceres.searchcore.admin.dll| 16.0.15601.20072| 127392| 14-Sep-22| 08:01 \nprm0009.bin_osssearch| prm0009.bin| | 13237760| 14-Sep-22| 08:01 \nmsvcp140_codecvt_ids.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| msvcp140_codecvt_ids.dll| | 20368| 14-Sep-22| 08:01 \ncms12plc.dll| policy.12.0.microsoft.sharepoint.publishing.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ro.lex| mshy7ro.lex| | 195072| 14-Sep-22| 08:01 \nsp.ui.applicationpages.js| sp.ui.applicationpages.js| | 7684| 14-Sep-22| 08:01 \nsts14plc.config| policy.14.0.microsoft.sharepoint.config| | 590| 14-Sep-22| 08:01 \nspsec14.config| policy.14.0.microsoft.sharepoint.security.config| | 599| 14-Sep-22| 08:01 \nclt15plc.dll| policy.15.0.microsoft.sharepoint.client.dll| 16.0.15601.20072| 25640| 14-Sep-22| 08:01 \ntraceman.exe| wsstracing.exe| 16.0.15601.20072| 311176| 14-Sep-22| 08:01 \ngac_microsoft.sharepoint.spx.websitecore| microsoft.sharepoint.spx.websitecore.dll| 16.0.15601.20144| 136680| 14-Sep-22| 08:01 \nvisfilt.dll.x64| visfilt.dll| 16.0.15601.20120| 4644272| 14-Sep-22| 08:01 \nbusinessdata15.config| policy.15.0.microsoft.businessdata.config| | 592| 14-Sep-22| 08:01 \nsts_odspnextnewuxd4f616ce0ce5d815121f4cb904bab0b2| splist.js| | 915982| 14-Sep-22| 08:01 \nsprecdocsd.js| sp.recentdocs.debug.js| | 40634| 14-Sep-22| 08:01 \nspx14plc.config| policy.14.0.microsoft.sharepoint.spx.config| | 594| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.indextokenizer.dll| microsoft.ceres.nlpbase.indextokenizer.dll| 16.0.15601.20072| 42912| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ro.dll| mshy7ro.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nnl7models0007.dll_osssearch| nl7models0007.dll| 16.0.15601.20072| 5901832| 14-Sep-22| 08:01 \nwsshelp.xml_1030| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nwsshelp.xml_1038| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:24 \nwpcm.js| wpcm.js| | 3849| 14-Sep-22| 08:01 \nxladomdc.dll| microsoft.excel.adomdclient.dll| 13.0.1605.913| 1019312| 14-Sep-22| 08:01 \ntpnftxt| third party notices.txt| | | 14-Sep-22| 08:01 \nsts_spclientnewux42265c62f023933d9320cc0f4af50ec5| 0f087d7f-520e-42b7-89c0-496aaf979d58.json| | 12176| 14-Sep-22| 08:01 \nconversion.office.mso30win32server.dll| mso30win32server.dll| 16.0.15601.20118| 3309968| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.taxonomy.serverstub.dll| microsoft.sharepoint.taxonomy.serverstub.dll| 16.0.15601.20144| 220704| 14-Sep-22| 08:01 \npdfirmp.dll_0001| microsoft.office.irm.pdfprotector.dll| 16.0.15601.20072| 40944| 14-Sep-22| 08:01 \nmfc140rus.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140rus.dll| | 64392| 14-Sep-22| 08:01 \nwfa14plc.dll| policy.14.0.microsoft.sharepoint.workflowactions.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \nspui_person.js| sp.ui.person.js| | 10326| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.contentpush.dll| microsoft.ceres.contentengine.contentpush.dll| 16.0.15601.20072| 167336| 14-Sep-22| 08:01 \nprm000b.bin_osssearch| prm000b.bin| | 38144512| 14-Sep-22| 08:01 \nie55up.js| ie55up.js| | 81176| 14-Sep-22| 08:01 \nmicrosoft.office.compliancepolicy.platform.dll| microsoft.office.compliancepolicy.platform.dll| 16.0.15601.20144| 2056680| 14-Sep-22| 08:01 \nwsshelp.xml_1062| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:24 \nmicrosoft.office.web.conversion.framework.dll| microsoft.office.web.conversion.framework.dll| 16.0.15601.20156| 289240| 14-Sep-22| 08:01 \nfollowedtags.js| followedtags.js| | 2728| 14-Sep-22| 08:01 \nspxjsinc14plc.dll| policy.14.0.microsoft.sharepoint.spx.jsinclude.dll| 16.0.15601.20072| 26168| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.operators.core.dll| microsoft.ceres.evaluation.operators.core.dll| 16.0.15601.20072| 60824| 14-Sep-22| 08:01 \nmicrosoft.office.server.directory.sharepointinterface| microsoft.office.server.directory.sharepointinterface.dll| 16.0.15601.20144| 143856| 14-Sep-22| 08:01 \nmicrosoft.office.documentmanagement.serverstub| microsoft.office.documentmanagement.serverstub.dll| 16.0.15601.20144| 86616| 14-Sep-22| 08:01 \nwfs15plc.config| policy.15.0.microsoft.sharepoint.workflows.config| | 600| 14-Sep-22| 08:01 \nsts_spclientnewuxa11ecb71c3d6724321d95d80c9ff84a2| 24.sp-pages-uservoice.js| | 11248| 14-Sep-22| 08:01 \nsts_spclientnewuxacbcfd1635aafc26d7fa34d3a4170557| sp-carousel-layout.js| | 74712| 14-Sep-22| 08:01 \noffxml.dll| offxml.dll| 16.0.15601.20072| 394640| 14-Sep-22| 08:01 \nhierarchytreeview.js| hierarchytreeview.js| | 8801| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.annotationprimitives.dll| microsoft.ceres.contentengine.annotationprimitives.dll| 16.0.15601.20072| 43400| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.tools.management.systemcontroller.dllmsil| microsoft.ceres.coreservices.tools.management.systemcontroller.dll| 16.0.15601.20072| 50072| 14-Sep-22| 08:01 \nmicrosoft.system_dictionaries_spellcheck.dll| microsoft.system_dictionaries_spellcheck.dll| 16.0.15601.20158| 24643456| 14-Sep-22| 08:01 \nmswb7.dll_osssearch| mswb7.dll| 16.0.15601.20072| 272328| 14-Sep-22| 08:01 \nprm0027.bin_osssearch| prm0027.bin| | 11331072| 14-Sep-22| 08:01 \nganttscr.js| ganttscript.js| | 5100| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.external.client.dllmsil| microsoft.ceres.docparsing.external.client.dll| 16.0.15601.20072| 58760| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.tenantmapping.dll| microsoft.ceres.searchcore.tenantmapping.dll| 16.0.15601.20072| 74128| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sl.lex| mshy7sl.lex| | 146944| 14-Sep-22| 08:01 \nprm0416.bin_osssearch| prm0416.bin| | 13998592| 14-Sep-22| 08:01 \nclt14plc.config| policy.14.0.microsoft.sharepoint.client.config| | 597| 14-Sep-22| 08:01 \nsp.accessibility.js| sp.accessibility.js| | 21843| 14-Sep-22| 08:01 \ndsigres.cab.x86_1087| dsigres.cab| | 237263| 14-Sep-22| 08:22 \nmicrosoft.ceres.contentengine.securityutil.dll| microsoft.ceres.contentengine.securityutil.dll| 16.0.15601.20072| 81816| 14-Sep-22| 08:01 \nreputation.debug.js| reputation.debug.js| | 5317| 14-Sep-22| 08:01 \npeople.js1| sp.ui.people.js| | 59579| 14-Sep-22| 08:01 \nconversion.office.mso98win32server.dll| mso98win32server.dll| 16.0.15601.20142| 1338264| 14-Sep-22| 08:01 \nconversion.proof.mshy2_lv.lex| mshy7lv.lex| | 111616| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ru.dll| mshy7ru.dll| 16.0.15601.20072| 160208| 14-Sep-22| 08:01 \nmsvcp140_1.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| msvcp140_1.dll| 14.29.30135.0| 23952| 14-Sep-22| 08:01 \ndlcworkflowactionsvs_dll| microsoft.office.workflow.actions.dll| 16.0.15601.20144| 158656| 14-Sep-22| 08:01 \nlistview.debug.js| listview.debug.js| | 933458| 14-Sep-22| 08:01 \nsts_odspnextnewuxc2feb86763199de55a499729d395cb83| splist.json| | 257045| 14-Sep-22| 08:01 \nmicrosoft.ceres.hostcontroller.wcfserver.dll| microsoft.ceres.hostcontroller.wcfserver.dll| 16.0.15601.20072| 56712| 14-Sep-22| 08:01 \nsso15plc.config| policy.15.0.microsoft.office.securestoreservice.config| | 605| 14-Sep-22| 08:01 \nwfa12plc.dll| policy.12.0.microsoft.sharepoint.workflowactions.dll| 16.0.15601.20072| 26152| 14-Sep-22| 08:01 \nspgridvw.js| spgridview.js| | 4903| 14-Sep-22| 08:01 \nvisioserver.cultures.office.odf| office.odf| | 2274200| 14-Sep-22| 08:01 \nportal.dll| microsoft.sharepoint.portal.dll| 16.0.15601.20144| 6864304| 14-Sep-22| 08:01 \nactxprjlchrd.js| activexwinprojlauncher.debug.js| | 2095| 14-Sep-22| 08:01 \nsp.ui.documentssharedwithme.debug.js| sp.ui.documentssharedwithme.debug.js| | 41725| 14-Sep-22| 08:01 \nsts_odspnextnewuxe8f363779e230efb9d852eceace8ab24| listitemformreactcontrols.js| | 243867| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.hostcontroller.dll| microsoft.ceres.coreservices.hostcontroller.dll| 16.0.15601.20072| 49040| 14-Sep-22| 08:01 \nmicrosoft.office.server.webanalytics.dll| microsoft.office.server.webanalytics.dll| 16.0.15601.20144| 32656| 14-Sep-22| 08:01 \nmicrosoft.office.server.workmanagement.serverproxy.dll| microsoft.office.server.workmanagement.serverproxy.dll| 16.0.15601.20144| 241184| 14-Sep-22| 08:01 \nsp.ui.reputation.js| sp.ui.reputation.js| | 25976| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.documentmanagement.x64| microsoft.sharepoint.client.documentmanagement.dll| 16.0.15601.20072| 45024| 14-Sep-22| 08:01 \npol12plc.dll| policy.12.0.microsoft.office.policy.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.journal.dll| microsoft.ceres.searchcore.journal.dll| 16.0.15601.20072| 201624| 14-Sep-22| 08:01 \ndsigres.cab.x64_10266| dsigres.cab| | 237263| 14-Sep-22| 08:22 \nclientpeoplepicker.debug.js| clientpeoplepicker.debug.js| | 83429| 14-Sep-22| 08:01 \nowsbrows.js| owsbrows.js| | 13302| 14-Sep-22| 08:01 \nxmlrwbin.dll| xmlrwbin_xl.dll| 2015.0130.1605.913| 221608| 14-Sep-22| 08:01 \nsts_spclientnewux3e03c959295ab9f212e447d8558354a2| 112.image-property-pane.js| | 1802| 14-Sep-22| 08:01 \nradiobuttonwithchildren.js| radiobuttonwithchildren.js| | 3557| 14-Sep-22| 08:01 \nnl7data.dll_1054| nl7data001e.dll| 16.0.15601.20072| 951280| | \nprm000e.bin_osssearch| prm000e.bin| | 57863168| 14-Sep-22| 08:01 \nwfs12plc.dll| policy.12.0.microsoft.sharepoint.workflows.dll| 16.0.15601.20072| 25624| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.search.applications.portable.dll.x64| microsoft.sharepoint.client.search.applications.portable.dll| 16.0.15601.20072| 30744| 14-Sep-22| 08:01 \ncommunityfeed.js| sp.ui.communityfeed.js| | 9999| 14-Sep-22| 08:01 \ncsisrvexe.exe| csisrvexe.exe| 16.0.15601.20118| 414680| 14-Sep-22| 08:01 \nmicrosoft.office.server.openxml.dll| microsoft.office.server.openxml.dll| 16.0.15601.20144| 1327520| 14-Sep-22| 08:01 \nmfc140jpn.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140jpn.dll| | 48008| 14-Sep-22| 08:01 \nsplinqvs.dll| microsoft.sharepoint.linq.dll| 16.0.15601.20144| 383400| 14-Sep-22| 08:01 \nstsom.dll| microsoft.sharepoint.dll| 16.0.15601.20144| 37359968| 14-Sep-22| 08:01 \nwsshelp.xml_1035| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nsts_spclientnewuxf4d41169fbc7b20e194c0190b914b42f| 119.14.js| | 2229| 14-Sep-22| 08:01 \nmicrosoft.odata.core.7.8.2.dll| microsoft.odata.core.dll| 7.8.2.20215| 1554320| 14-Sep-22| 08:01 \nsts_spclientnewux1fb2dc66f417be0be5dee3cae46eedf8| 73.debug-prompt-components.js| | 357384| 14-Sep-22| 08:01 \nautofill.debug.js| autofill.debug.js| | 20542| 14-Sep-22| 08:01 \ncms15plc.dll| policy.15.0.microsoft.sharepoint.publishing.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.tools.processingengineapi.dll| microsoft.ceres.interactionengine.tools.processingengineapi.dll| 16.0.15601.20072| 30096| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.phonetic.dll| microsoft.ceres.nlpbase.phonetic.dll| 16.0.15601.20072| 79760| 14-Sep-22| 08:01 \ntax14plc.dll| policy.14.0.microsoft.sharepoint.taxonomy.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nconversion.proof.mshy2_tr.lex| mshy7tr.lex| | 391680| 14-Sep-22| 08:01 \nmfc140fra.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140fra.dll| | 68472| 14-Sep-22| 08:01 \nsts_spclientnewux6412ba42990d5080c82a1fbb922fe010| 119.24.js| | 1312| 14-Sep-22| 08:01 \nwpadder.debug.js| wpadder.debug.js| | 52880| 14-Sep-22| 08:01 \nsts_odspnextnewux9f62840cb94a86d5e2f49048343fcd7a| customformatter.js| | 130617| 14-Sep-22| 08:01 \nsts_spclientnewux6d0b88b1fc07d52bfd5ed0e7ffd2ff96| sp-component-utilities.js| | 110167| 14-Sep-22| 08:01 \naxl14plc.config| policy.14.0.antixsslibrary.config| | 584| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.communications.internal.dll| microsoft.office.project.server.communications.internal.dll| 16.0.15601.20144| 709520| 14-Sep-22| 08:01 \nrot14plc.config| policy.14.0.microsoft.office.workflow.routing.config| | 603| 14-Sep-22| 08:01 \nmswb70404.dll_osssearch| mswb70404.dll| 16.0.15601.20072| 863712| 14-Sep-22| 08:01 \ndesigngallery.js| designgallery.js| | 29175| 14-Sep-22| 08:01 \nsp.ribbon.debug.js| sp.ribbon.debug.js| | 361475| 14-Sep-22| 08:01 \nvisioserver.microsoft.office.visio.utility.dll| microsoft.office.visio.utility.dll| 16.0.15601.20072| 86456| 14-Sep-22| 08:01 \ndsigres.cab.x86_10266| dsigres.cab| | 237263| 14-Sep-22| 08:22 \nmicrosoft.sharepoint.portal.proxy.dll| microsoft.sharepoint.portal.proxy.dll| 16.0.15601.20144| 205704| 14-Sep-22| 08:01 \nps14adm.config| policy.14.0.microsoft.office.project.server.administration.config| | 616| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.indexes.graphserverindex.dll| microsoft.ceres.searchcore.indexes.graphserverindex.dll| 16.0.15601.20072| 70056| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.filestore.dll| microsoft.sharepoint.filestore.dll| 16.0.15601.20144| 24952| 14-Sep-22| 08:01 \nmicrosoft.office.ofc.dll| microsoft.office.ofc.dll| 16.0.0.0| 207192| 14-Sep-22| 08:01 \nsrchomnt.dll_1| microsoft.sharepoint.search.native.dll| 16.0.15601.20144| 505792| 14-Sep-22| 08:01 \npeopledebug.js| sp.ui.people.debug.js| | 87048| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.generationcontroller.dll| microsoft.ceres.searchcore.generationcontroller.dll| 16.0.15601.20072| 136616| 14-Sep-22| 08:01 \nprm0008.bin_osssearch| prm0008.bin| | 15619584| 14-Sep-22| 08:01 \nsts_spclientnewuxdf2bcc4f08c7d6e74b90a5cc8b695a0b| 116.contentrollupwebpart-propertypanesettings.js| | 13836| 14-Sep-22| 08:01 \nmopap.dll| microsoft.office.policy.adminpages.dll| 16.0.15601.20144| 37808| 14-Sep-22| 08:01 \nsp.ui.tileview.js| sp.ui.tileview.js| | 62077| 14-Sep-22| 08:01 \ncallout.debug.js| callout.debug.js| | 92058| 14-Sep-22| 08:01 \nsp.ui.applicationpages.debug.js| sp.ui.applicationpages.debug.js| | 11283| 14-Sep-22| 08:01 \nsts_spclientnewux1a9225fe7fdc2da37abe13760d94b578| 119.7.js| | 8645| 14-Sep-22| 08:01 \nfollowedtags.debug.js| followedtags.debug.js| | 6347| 14-Sep-22| 08:01 \npwa.library.projectserverscripts.pm.debug.js| ps.projectmanagers.debug.js| | 375879| 14-Sep-22| 08:01 \ndm15plc.dll| policy.15.0.microsoft.office.documentmanagement.dll| 16.0.15601.20072| 26192| 14-Sep-22| 08:01 \nsts_spclientnewux2c796a5b1b1251e0f22102b798d4d3bd| 24.sp-pages-comments.js| | 99158| 14-Sep-22| 08:01 \nsts_spclientnewuxe2e58fc5fb56b66cddf843e55ff5f992| sp-news-webpart-bundle.js| | 142585| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.search.dll.x64| microsoft.sharepoint.client.search.dll| 16.0.15601.20144| 107456| 14-Sep-22| 08:01 \nvsrvintl.dll| microsoft.office.visio.server.intl.dll| 16.0.15601.20072| 113576| 14-Sep-22| 08:01 \nps15plc.dll| policy.15.0.microsoft.office.project.server.pwa.dll| 16.0.15601.20072| 25640| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.fastserver.managed.dll| microsoft.ceres.searchcore.fastserver.managed.dll| 16.0.15601.20072| 473000| 14-Sep-22| 08:01 \nnl7data0404.dll_osssearch| nl7data0404.dll| 16.0.15601.20072| 2704944| 14-Sep-22| 08:01 \nroamingapps.js| roamingapps.js| | 23486| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.framework.dll| microsoft.ceres.coreservices.framework.dll| 16.0.15601.20072| 155544| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.datamodel.fields.dll| microsoft.ceres.interactionengine.datamodel.fields.dll| 16.0.15601.20072| 32640| 14-Sep-22| 08:01 \nconversion.proof.mshy2_cz.lex| mshy7cz.lex| | 292864| 14-Sep-22| 08:01 \ncmdui14.dll| policy.14.0.microsoft.web.commandui.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \ngroupboard.debug.js| groupboard.debug.js| | 16339| 14-Sep-22| 08:01 \nmsolapxt.dll| msolap_xl_ext.dll| 2015.0130.1700.1119| 48576| 14-Sep-22| 08:01 \nsts_spclientnewuxa8c9aa3afb3e1858c4883c80b87b0886| sp-application-base.js| | 126349| 14-Sep-22| 08:01 \nmapviewtemplate.js| mapviewtemplate.js| | 15544| 14-Sep-22| 08:01 \ncore_0.rsx| core.resx| | 534218| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.powershell.psd| sharepointserver.psd1| | 54489| 14-Sep-22| 08:01 \nspxapppage14plc.config| policy.14.0.microsoft.sharepoint.spx.applicationpages.config| | 611| 14-Sep-22| 08:01 \nclientxr.dll.x64| microsoft.office.sharepoint.clientextensions.dll| 16.0.15601.20144| 386528| 14-Sep-22| 08:01 \nquicklaunch.debug.js| quicklaunch.debug.js| | 135522| 14-Sep-22| 08:01 \nauthor.dll_0001| author.dll| 16.0.15601.20074| 35728| 14-Sep-22| 08:01 \nwsshelp.xml_1043| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \ncommon.dll| microsoft.analysisservices.common.dll| | 1580456| 14-Sep-22| 08:01 \nwfs12plc.config| policy.12.0.microsoft.sharepoint.workflows.config| | 600| 14-Sep-22| 08:01 \nsearchom.dll| microsoft.office.server.search.dll| 16.0.15601.20144| 20853184| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.configuration.dll| microsoft.ceres.coreservices.configuration.dll| 16.0.15601.20072| 77696| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sw.dll| mshy7sw.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nbar15plc.dll| policy.15.0.microsoft.office.policy.barcode.generator.dll| 16.0.15601.20072| 26216| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ge.lex| mshy7ge.lex| | 1558528| 14-Sep-22| 08:01 \nnl7models0009.dll_osssearch| nl7models0009.dll| 16.0.15601.20072| 5808120| 14-Sep-22| 08:01 \nsts_spclientnewux2a2fc2a92e0cb8cd022d363ea1786ae4| sp-custommessageregion-bundle.js| | 34365| 14-Sep-22| 08:01 \nosafehtm.dll| osafehtm.dll| 16.0.15601.20072| 291192| 14-Sep-22| 08:01 \nconversion.office.mso20win32server.dll| mso20win32server.dll| 16.0.15601.20148| 4593040| 14-Sep-22| 08:01 \nsiteupgrade.js_14| siteupgrade.js| | 1121| 14-Sep-22| 08:01 \nspgridview.debug.js| spgridview.debug.js| | 7876| 14-Sep-22| 08:01 \nentityeditor.debug.js| entityeditor.debug.js| | 73832| 14-Sep-22| 08:01 \nspui_ri.js| sp.ui.relateditems.js| | 18378| 14-Sep-22| 08:01 \nshtml.dll_0001| shtml.dll| 16.0.15601.20072| 35744| 14-Sep-22| 08:01 \nsts_addgallery_ooprovider| addgallery.officeonlineprovider.dll| 16.0.15601.20072| 55184| 14-Sep-22| 08:01 \nsts_spclientnewuxaeab4a7dad255efb982d8cc6384a6b30| sp-contentrollup-webpart-bundle.js| | 219096| 14-Sep-22| 08:01 \nlobitool.dll| microsoft.office.businessapplications.tools.dll| 16.0.15601.20072| 743840| 14-Sep-22| 08:01 \nprjsvr.stsadmcommandhandler.dll| microsoft.office.project.server.stsadmcommandhandler.dll| 16.0.15601.20144| 145824| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.configuration.dllmsil| microsoft.ceres.coreservices.configuration.dll| 16.0.15601.20072| 77696| 14-Sep-22| 08:01 \nconversion.office.msores.dll| msores.dll| 16.0.15601.20072| 82345872| 14-Sep-22| 08:01 \noffice_extension_manager_js| sp.officeextensionmanager.js| | 61005| 14-Sep-22| 08:01 \nmspjcalcservice.exe| microsoft.office.project.server.calculation.exe| 16.0.15601.20144| 32256| 14-Sep-22| 08:01 \nmicrosoft.projectserver.dll_001| microsoft.projectserver.dll| 16.0.15601.20144| 866272| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.logging.dllmsil| microsoft.ceres.coreservices.logging.dll| 16.0.15601.20072| 51080| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.pointpublishing.dllmsil| microsoft.ceres.docparsing.formathandlers.pointpublishing.dll| 16.0.15601.20072| 42880| 14-Sep-22| 08:01 \nsp.ui.rte.debug.js| sp.ui.rte.debug.js| | 356385| 14-Sep-22| 08:01 \nsppageinstr.js| sp.pageinstrumentation.js| | 1251| 14-Sep-22| 08:01 \nstart.js| start.js| | 101324| 14-Sep-22| 08:01 \nmsmgdsrv.dll| msmgdsrv_xl.dll| 2015.0130.1700.1119| 7640504| 14-Sep-22| 08:01 \nspxwebcore14plc.dll| policy.14.0.microsoft.sharepoint.spx.websitecore.dll| 16.0.15601.20072| 26176| 14-Sep-22| 08:01 \nmicrosoft.projectserver.client.dll| microsoft.projectserver.client.dll| 16.0.15601.20144| 414688| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.operators.external.dll| microsoft.ceres.contentengine.operators.external.dll| 16.0.15601.20072| 81304| 14-Sep-22| 08:01 \nsp.ui.assetlibrary.ribbon.debug.js| sp.ui.assetlibrary.debug.js| | 13220| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.documentmanagement.portable.x64| microsoft.sharepoint.client.documentmanagement.portable.dll| 16.0.15601.20072| 45096| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.inproc.dll| microsoft.office.project.server.inproc.dll| 16.0.15601.20144| 742280| 14-Sep-22| 08:01 \nmicrosoft.ceres.hostcontroller.cmdlets.dll_1| microsoft.ceres.hostcontroller.cmdlets.dll| 16.0.15601.20072| 38792| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.processing.dll| microsoft.ceres.evaluation.processing.dll| 16.0.15601.20072| 202120| 14-Sep-22| 08:01 \nmicrosoft.office.server.diagnostics.dll| microsoft.office.server.diagnostics.dll| 16.0.15601.20072| 30136| 14-Sep-22| 08:01 \nitp.js| itp.js| | 9814| 14-Sep-22| 08:01 \nmylinks.js| mylinks.js| | 2631| 14-Sep-22| 08:01 \nmsscpi.dll| msscpi.dll| 16.0.15601.20072| 294848| 14-Sep-22| 08:01 \nsoccom.js| socialcomment.js| | 23528| 14-Sep-22| 08:01 \nupa14plc.config| policy.14.0.microsoft.office.server.userprofiles.config| | 606| 14-Sep-22| 08:01 \nmicrosoft.ceres.monitoring.dll| microsoft.ceres.monitoring.dll| 16.0.15601.20072| 93064| 14-Sep-22| 08:01 \nmicrosoft.office.web.osidefinitions.dll| microsoft.office.web.osidefinitions.dll| 16.0.15601.20144| 883640| 14-Sep-22| 08:01 \nsts_spclientnewux3e944ced30f5064d3bdc097bffb303be| 24.sp-pages-news.js| | 34184| 14-Sep-22| 08:01 \ncmis15_plc_bindings.dll| policy.15.0.microsoft.sharepoint.cmis.bindings.dll| 16.0.15601.20072| 26192| 14-Sep-22| 08:01 \ntranslationqueue.sql| translationqueue.sql| | 53178| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.internalservices.dllmsil| microsoft.ceres.coreservices.internalservices.dll| 16.0.15601.20072| 88960| 14-Sep-22| 08:01 \nstoreazure.xml| store_azure.xml| | 8928897| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.annotationstore.dll| microsoft.ceres.nlpbase.annotationstore.dll| 16.0.15601.20072| 139648| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.operators.builtin.dll| microsoft.ceres.evaluation.operators.builtin.dll| 16.0.15601.20072| 127392| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.documentmodel.dll| microsoft.ceres.searchcore.documentmodel.dll| 16.0.15601.20072| 34176| 14-Sep-22| 08:01 \ntax14plc.config| policy.14.0.microsoft.sharepoint.taxonomy.config| | 599| 14-Sep-22| 08:01 \nsp.runtime.js| sp.runtime.js| | 115649| 14-Sep-22| 08:01 \nxmlrw_xl.dll| xmlrw_xl.dll| 2015.0130.1605.913| 313256| 14-Sep-22| 08:01 \nmicrosoft.fileservices.serverstub.v1.dll| microsoft.fileservices.serverstub.v1.dll| 16.0.15601.20144| 88976| 14-Sep-22| 08:01 \nmicrosoft.office.officialfilesoap.dll| microsoft.office.officialfilesoap.dll| 16.0.15601.20144| 37304| 14-Sep-22| 08:01 \nnl7data001e.dll_osssearch| nl7data001e.dll| 16.0.15601.20072| 951280| 14-Sep-22| 08:01 \nsts.spucworkerprocess.exe| spucworkerprocess.exe| 16.0.15601.20158| 67672| 14-Sep-22| 08:01 \nhashtagprofile.js| hashtagprofile.js| | 3287| 14-Sep-22| 08:01 \nsts_spclientnewux22654bb7032aae138d0a812e4eaf0636| 24.sp-pages-planner.js| | 3546| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.publishing.portable.dll.x64| microsoft.sharepoint.client.publishing.portable.dll| 16.0.15601.20072| 82440| 14-Sep-22| 08:01 \nconversion.office.mso40uiwin32server.dll| mso40uiwin32server.dll| 16.0.15601.20142| 5329248| 14-Sep-22| 08:01 \nsp.init.js| sp.init.js| | 32954| 14-Sep-22| 08:01 \nsts_spclientnewux8df2766894df550f4ac6afa34ba23cdc| 116.twitter-web-part-property-pane-configuration.js| | 4502| 14-Sep-22| 08:01 \nmsslad.dll| msslad.dll| 16.0.15601.20072| 96704| 14-Sep-22| 08:01 \nppt.conversion.dll| pptconversion.dll| 16.0.15601.20158| 136672| 14-Sep-22| 08:01 \nmicrosoft.ceres.sharepoint.dll| microsoft.ceres.sharepoint.dll| 16.0.15601.20144| 59792| 14-Sep-22| 08:01 \ngeolocationfieldtemplate.debug.js| geolocationfieldtemplate.debug.js| | 41051| 14-Sep-22| 08:01 \np15vs.cfg| policy.15.0.microsoft.office.visio.server.config| | 599| 14-Sep-22| 08:01 \nps14dwrk.config| policy.14.0.microsoft.office.project.server.workflow.defaultworkflow.config| | 626| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.properties.dll| microsoft.ceres.contentengine.properties.dll| 16.0.15601.20072| 28048| 14-Sep-22| 08:01 \nsearchom.dll_0005| microsoft.sharepoint.search.dll| 16.0.15601.20144| 3859368| 14-Sep-22| 08:01 \nsp.ui.ratings.js| sp.ui.ratings.js| | 11911| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.documentmanagement.phone| microsoft.sharepoint.client.documentmanagement.phone.dll| 16.0.15601.20072| 45080| 14-Sep-22| 08:01 \ncmssummarylinks_js| cmssummarylinks.js| | 6017| 14-Sep-22| 08:01 \nconversion.proof.mshy2_pb.dll| mshy7pb.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nms.rte.js| ms.rte.js| | 403472| 14-Sep-22| 08:01 \nspgantt.js| spgantt.js| | 70284| 14-Sep-22| 08:01 \nsts_spclientnewux643f93e40f1adc23cf7615a5fa96a5c9| 119.1.js| | 14359| 14-Sep-22| 08:01 \nmicrosoft.office.server.search.serverproxy.dll| microsoft.office.server.search.serverproxy.dll| 16.0.15601.20144| 297920| 14-Sep-22| 08:01 \nps14lib.dll| policy.14.0.microsoft.office.project.server.library.dll| 16.0.15601.20072| 25688| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.processing.security.dll| microsoft.ceres.contentengine.processing.security.dll| 16.0.15601.20072| 68000| 14-Sep-22| 08:01 \nmicrosoft_office_server_conversions_loadbalancer_exe| microsoft.office.server.conversions.loadbalancer.exe| 16.0.15601.20144| 47600| 14-Sep-22| 08:01 \nconversion.vccorlib140.dll| vccorlib140.dll| | | 14-Sep-22| 08:01 \nosrv.conversion.viewerinterface.dll| microsoft.office.server.conversion.viewerinterface.dll| 16.0.15601.20072| 74768| 14-Sep-22| 08:01 \naxl14plc.dll| policy.14.0.antixsslibrary.dll| 16.0.15601.20072| 25592| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.languageandencodingdetection.dll| microsoft.ceres.nlpbase.languageandencodingdetection.dll| 16.0.15601.20072| 43904| 14-Sep-22| 08:01 \nlinq14.config| policy.14.0.microsoft.sharepoint.linq.config| | 595| 14-Sep-22| 08:01 \nclientrenderer.js| clientrenderer.js| | 12960| 14-Sep-22| 08:01 \nfilepreview.debug.js| filepreview.debug.js| | 25986| 14-Sep-22| 08:01 \nsp.core.debug.js| sp.core.debug.js| | 166164| 14-Sep-22| 08:01 \nossex.dll_0001| microsoft.office.server.search.exchangeadapter.dll| 16.0.15601.20144| 117208| 14-Sep-22| 08:01 \nmicrosoft.office.excel.webui.dll| microsoft.office.excel.webui.dll| 16.0.15601.20144| 119704| 14-Sep-22| 08:01 \nsfulsman| microsoft.ceres.diagnostics.dll| 16.0.15601.20072| 955800| 14-Sep-22| 08:01 \nmicrosoft.ceres.flighting.dll| microsoft.ceres.flighting.dll| 16.0.15601.20072| 168320| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.graphstatusmodel.dll| microsoft.ceres.searchcore.graphstatusmodel.dll| 16.0.15601.20072| 30120| 14-Sep-22| 08:01 \nosrv12.dll| policy.12.0.microsoft.office.server.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nsp.ui.combobox.debug.js| sp.ui.combobox.debug.js| | 100153| 14-Sep-22| 08:01 \nmsolap.dll| msolap_xl.dll| 2015.0130.1700.1119| 8762304| 14-Sep-22| 08:01 \nsts_odspnextnewux795d12a100cd0691f928c64b88b80240| odrestore.js| | 390370| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.communications.dll| microsoft.office.project.server.communications.dll| 16.0.15601.20144| 381344| 14-Sep-22| 08:01 \nflt15plc.config| policy.15.0.microsoft.office.server.filtercontrols.config| | 608| 14-Sep-22| 08:01 \ndlc.workflow.routing.dll| microsoft.office.workflow.routing.dll| 16.0.15601.20144| 132504| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.spx.websitecore.dll| microsoft.sharepoint.spx.websitecore.dll| 16.0.15601.20144| 136680| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.killswitch.dll| microsoft.sharepoint.killswitch.dll| 16.0.15601.20072| 41872| 14-Sep-22| 08:01 \nsts_spclientnewux96fbeacb80b41e044617bbe3fade4c6c| sp-webpart-workbench-assembly.js| | 1967218| 14-Sep-22| 08:01 \nps14lib.config| policy.14.0.microsoft.office.project.server.library.config| | 609| 14-Sep-22| 08:01 \nppt.conversion.gkpowerpoint.dll| gkpowerpoint.dll| 16.0.15601.20072| 3009920| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.dll| microsoft.eedict_companies| 16.0.15601.20158| 109874568| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ge.dll| mshy7ge.dll| 16.0.15601.20072| 160200| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ru.lex| mshy7ru.lex| | 375296| 14-Sep-22| 08:01 \nxui.debug.js| xui.debug.js| | 45549| 14-Sep-22| 08:01 \nupgrade.dll_001| microsoft.sharepoint.portal.upgrade.dll| 16.0.15601.20144| 149920| 14-Sep-22| 08:01 \nws15wsa.config| policy.15.0.microsoft.sharepoint.workflowservices.applicationpages.config| | 624| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.management.dll| microsoft.ceres.coreservices.management.dll| 16.0.15601.20072| 59264| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.tools.processingengineapi.dll1| microsoft.ceres.interactionengine.tools.processingengineapi.dll| 16.0.15601.20072| 30096| 14-Sep-22| 08:01 \nmicrosoft.office.client.policy.dll.x64| microsoft.office.client.policy.dll| 16.0.15601.20072| 33208| 14-Sep-22| 08:01 \nbar12plc.dll| policy.12.0.microsoft.office.policy.barcode.generator.dll| 16.0.15601.20072| 26216| 14-Sep-22| 08:01 \nprm004a.bin_osssearch| prm004a.bin| | 14400512| 14-Sep-22| 08:01 \nclientpeoplepicker.js| clientpeoplepicker.js| | 44310| 14-Sep-22| 08:01 \nsts_spclientnewux0f7a1c3e2fdc351b0b5e55a6ee716d41| 61.live-persona-card-loader.js| | 168414| 14-Sep-22| 08:01 \nps15plc.config| policy.15.0.microsoft.office.project.server.pwa.config| | 605| 14-Sep-22| 08:01 \nsp.js| sp.js| | 1042330| 14-Sep-22| 08:01 \nspmap.debug.js| sp.map.debug.js| | 15759| 14-Sep-22| 08:01 \nconversion.proof.mshy2_lt.lex| mshy7lt.lex| | 69632| 14-Sep-22| 08:01 \nmicrosoft.ceres.usageanalytics.analysis.dllmsil| microsoft.ceres.usageanalytics.analysis.dll| 16.0.15601.20144| 237432| 14-Sep-22| 08:01 \nmsvcp140_2.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| msvcp140_2.dll| 14.29.30135.0| 185720| 14-Sep-22| 08:01 \nbusdata.dll| microsoft.businessdata.dll| 16.0.15601.20072| 136192| 14-Sep-22| 08:01 \nsharepointcmisbindings_gac.dll| microsoft.sharepoint.cmis.bindings.dll| 16.0.15601.20144| 163728| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.pptx.dllmsil| microsoft.ceres.docparsing.formathandlers.pptx.dll| 16.0.15601.20072| 135048| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.utils.dll| microsoft.ceres.searchcore.utils.dll| 16.0.15601.20072| 133512| 14-Sep-22| 08:01 \nprm0022.bin_osssearch| prm0022.bin| | 22446592| 14-Sep-22| 08:01 \nprm003e.bin_osssearch| prm003e.bin| | 14171136| 14-Sep-22| 08:01 \nwssadmop.dll_0001| microsoft.sharepoint.administrationoperation.dll| 16.0.15601.20072| 1208832| 14-Sep-22| 08:01 \nconversion.office.osfsharedserver.dll| osfsharedserver.dll| 16.0.15601.20120| 727936| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.runtime.common.dllmsil| microsoft.ceres.docparsing.runtime.common.dll| 16.0.15601.20072| 38272| 14-Sep-22| 08:01 \nconcrt140.dll.f1670fca_6780_3657_9c04_af8005ac8143| concrt140.dll| 14.29.30135.0| 243576| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.powershell.dll_0001| microsoft.sharepoint.powershell.dll| 16.0.15601.20144| 1099192| 14-Sep-22| 08:01 \nclientx.dll| microsoft.office.sharepoint.clientextensions.dll| 16.0.15601.20144| 386528| 14-Sep-22| 08:01 \nsts_spclientnewux2f600312e7b1effc1ca405455ae5f367| 24.sp-pages-social.js| | 49979| 14-Sep-22| 08:01 \ngroupeditempicker.debug.js| groupeditempicker.debug.js| | 21014| 14-Sep-22| 08:01 \npjintl_1_new.dll| pjintl.dll| | 4957024| 14-Sep-22| 08:01 \nmicrosoft.ceres.common.iobuffer.dllmsil| microsoft.ceres.common.iobuffer.dll| 16.0.15601.20072| 46504| 14-Sep-22| 08:01 \nprm0013.bin_osssearch| prm0013.bin| | 17480192| 14-Sep-22| 08:01 \nlhp14plc.config| policy.14.0.microsoft.office.slidelibrary.config| | 599| 14-Sep-22| 08:01 \ncomval.js| commonvalidation.js| | 4224| 14-Sep-22| 08:01 \nsts_odspnextnewux95c14b220e8e6a345ca52833f517b678| splistreactcontrolsdeferred.js| | 310244| 14-Sep-22| 08:01 \nsts_spclientnewuxfd89f504726adbf5b845d912d2772ba6| 24.sp-pages-navigation.js| | 19604| 14-Sep-22| 08:01 \nsts_spclientnewux350d557d61e023c81e19a61c79a7a437| 42.toolbox.js| | 34945| 14-Sep-22| 08:01 \nmysitenavigation.js| sp.ui.mysitenavigation.js| | 2523| 14-Sep-22| 08:01 \nmicrosoft.office.server.importprofileproperties| microsoft.office.server.importprofileproperties.dll| 16.0.15601.20144| 85992| 14-Sep-22| 08:01 \ncltsvr14.config| policy.14.0.microsoft.sharepoint.client.serverruntime.config| | 611| 14-Sep-22| 08:01 \napprequestmanagefieldtemplate.js| apprequestmanagefieldtemplate.js| | 1476| 14-Sep-22| 08:01 \nsp.ui.controls.debug.js| sp.ui.controls.debug.js| | 58556| 14-Sep-22| 08:01 \nrot12plc.config| policy.12.0.microsoft.office.workflow.routing.config| | 603| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.search.applications.dll.x64| microsoft.sharepoint.client.search.applications.dll| 16.0.15601.20072| 30096| 14-Sep-22| 08:01 \nspgantt.debug.js| spgantt.debug.js| | 194725| 14-Sep-22| 08:01 \nsystemsettings.xml| systemsettings.xml| | 6454| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.node.dll| microsoft.ceres.coreservices.node.dll| 16.0.15601.20072| 172416| 14-Sep-22| 08:01 \nuls.n_1.dll| uls.native.dll| 16.0.15601.20072| 676736| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.datamodel.types.dll| microsoft.ceres.interactionengine.datamodel.types.dll| 16.0.15601.20072| 30592| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ct.lex| mshy7ct.lex| | 363008| 14-Sep-22| 08:01 \nmicrosoft.office.documentmanagement.dll_isapi| microsoft.office.documentmanagement.dll| 16.0.15601.20144| 565688| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.processing.external.dll| microsoft.ceres.contentengine.processing.external.dll| 16.0.15601.20072| 178568| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.docx.dllmsil| microsoft.ceres.docparsing.formathandlers.docx.dll| 16.0.15601.20072| 144784| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.runtime.windowsstore.dll.x64| microsoft.sharepoint.client.runtime.windowsstore.dll| 16.0.15601.20072| 30728| 14-Sep-22| 08:01 \nwsshelp.xml_2070| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \ndesigngallery.debug.js| designgallery.debug.js| | 47390| 14-Sep-22| 08:01 \ninit.js_0001| init.js| | 302795| 14-Sep-22| 08:01 \ndefault.xml| default.xml| | 13403| 14-Sep-22| 08:01 \ntmper_xl.dll| tmpersistence_xl.dll| 2015.0130.1700.1119| 1111480| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.seeding.dll| microsoft.ceres.searchcore.seeding.dll| 16.0.15601.20072| 139648| 14-Sep-22| 08:01 \nmicrosoft.office.client.policy.portable.x64| microsoft.office.client.policy.portable.dll| 16.0.15601.20072| 33736| 14-Sep-22| 08:01 \nsharing.js| sharing.js| | 135350| 14-Sep-22| 08:01 \nprm0005.bin_osssearch| prm0005.bin| | 18861568| 14-Sep-22| 08:01 \nmfc140kor.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140kor.dll| | 46992| 14-Sep-22| 08:01 \nconnector.dll_0001| microsoft.sharepoint.connector.dll| 16.0.15601.20144| 276888| 14-Sep-22| 08:01 \nsts_odspnextnewux308f9878bc3bd35d6e7c02477ff10b6f| odbdeferredcontrols.js| | 698906| 14-Sep-22| 08:01 \nsts_odspnextnewux72bfe35ac1f8fee6cf37ba0be87c481a| sitehubreactcontrolsdeferred.js| | 43221| 14-Sep-22| 08:01 \npeopledebug.js1| sp.ui.people.debug.js| | 87048| 14-Sep-22| 08:01 \nspxwebapppage14plc.dll| policy.14.0.microsoft.sharepoint.spx.website.applicationpages.dll| 16.0.15601.20072| 26208| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.pdf.dllmsil| microsoft.ceres.docparsing.formathandlers.pdf.dll| 16.0.15601.20072| 4214656| 14-Sep-22| 08:01 \nmicrosoft.office.client.policy.phone| microsoft.office.client.policy.phone.dll| 16.0.15601.20072| 33232| 14-Sep-22| 08:01 \nsp.requestexecutor.debug.js| sp.requestexecutor.debug.js| | 100405| 14-Sep-22| 08:01 \ntimecard.js| timecard.js| | 21192| 14-Sep-22| 08:01 \nsts_spclientnewuxc72c24b1807f31ca72094d6963a1763e| sp-button-webpart-bundle.js| | 12105| 14-Sep-22| 08:01 \ncsisrv.dll| csisrv.dll| 16.0.15601.20072| 836000| 14-Sep-22| 08:01 \nsts_spclientnewux7247956bfbd14bdf29eb9b369a3cada4| 24.sp-pages-panels.js| | 725152| 14-Sep-22| 08:01 \nbitreeview.js| bitreeview.js| | 12881| 14-Sep-22| 08:01 \nportal.js| portal.js| | 52483| 14-Sep-22| 08:01 \nannouncementtiles.js| sp.ui.announcementtiles.js| | 8784| 14-Sep-22| 08:01 \nspx.dll_0001| microsoft.sharepoint.spx.dll| 16.0.15601.20144| 201104| 14-Sep-22| 08:01 \nws15ws.config| policy.15.0.microsoft.sharepoint.workflowservices.config| | 607| 14-Sep-22| 08:01 \nexceldm.dll| microsoft.office.excel.datamodel.dll| 16.0.15601.20072| 320856| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.component.dll| microsoft.ceres.interactionengine.component.dll| 16.0.15601.20072| 219024| 14-Sep-22| 08:01 \nspflightrawconfig.json| spflightrawconfig.json| | 120353| 14-Sep-22| 08:01 \nmicrosoft_sharepoint_dsp_soappt.dll| microsoft.sharepoint.dsp.soappt.dll| 16.0.15601.20144| 87440| 14-Sep-22| 08:01 \nsubsetshim.dll_0001| microsoft.sharepoint.dll| 16.900.15601.20158| 2325992| 14-Sep-22| 08:01 \nsts_spclientnewuxbcc7a205fa7b7add1b35a385f56f4fa8| 119.20.js| | 333| 14-Sep-22| 08:01 \nsts_spclientnewuxb75bd0efb449fb47345863b217d1a1ae| 24.21.js| | 40459| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.stringdistance.dll| microsoft.ceres.nlpbase.stringdistance.dll| 16.0.15601.20072| 31640| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchanalytics.analytics.dllmsil| microsoft.ceres.searchanalytics.analytics.dll| 16.0.15601.20144| 1276792| 14-Sep-22| 08:01 \nvcruntime140.dll.f1670fca_6780_3657_9c04_af8005ac8143| vcruntime140.dll| 14.29.30135.0| 76152| 14-Sep-22| 08:01 \nwfs14plc.config| policy.14.0.microsoft.sharepoint.workflows.config| | 600| 14-Sep-22| 08:01 \nblank.debug.js| blank.debug.js| | 755| 14-Sep-22| 08:01 \nxlspci.dll| microsoft.excel.spclient.interfaces.dll| 13.0.1605.913| 26520| 14-Sep-22| 08:01 \nconversion.proof.mshy2_gl.dll| mshy7gl.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \npjevtsvc.exe| microsoft.office.project.server.eventing.exe| 16.0.15601.20144| 37352| 14-Sep-22| 08:01 \nps15wrk.config| policy.15.0.microsoft.office.project.server.workflow.config| | 610| 14-Sep-22| 08:01 \nnl7models001e.dll_osssearch| nl7models001e.dll| 16.0.15601.20072| 1138712| 14-Sep-22| 08:01 \nvideoportal.js| videoportal.js| | 14744| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.cmdlets.dll_1| microsoft.ceres.contentengine.cmdlets.dll| 16.0.15601.20072| 48040| 14-Sep-22| 08:01 \nconversion.chartserver.dll| chartserver.dll| 16.0.15601.20120| 12906408| 14-Sep-22| 08:01 \nosrv.conversion.framework.dll| microsoft.office.server.conversion.framework.dll| 16.0.15601.20156| 289248| 14-Sep-22| 08:01 \nowsbrows.debug.js| owsbrows.debug.js| | 24954| 14-Sep-22| 08:01 \nwsshelp.xml_1057| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:23 \nsts_spclientnewux80b44f2e39ba217a839db6bce391e90c| 24.19.js| | 5397| 14-Sep-22| 08:01 \nmfc140u.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140u.dll| 14.29.30135.0| 5126008| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sr.lex| mshy7srm.lex| | 161280| 14-Sep-22| 08:01 \nspui_psd.js| sp.ui.promotedsites.debug.js| | 24862| 14-Sep-22| 08:01 \nph12plc.config| policy.14.0.microsoft.office.project.shared.config| | 601| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.serverruntime.dll_0001| microsoft.sharepoint.client.serverruntime.dll| 16.0.15601.20072| 730104| 14-Sep-22| 08:01 \nsts_spclientnewux78fc6c56623222d8dfcf75c9b0a2e7a4| sp-http.js| | 44021| 14-Sep-22| 08:01 \ngac_microsoft.sharepoint.spx.website.ribbon| microsoft.sharepoint.spx.website.ribbon.dll| 16.0.15601.20144| 47104| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.publishing.phone.dll| microsoft.sharepoint.client.publishing.phone.dll| 16.0.15601.20072| 81896| 14-Sep-22| 08:01 \nosfserver_silverlight_dll.x64| microsoft.sharepoint.client.workflowservices.silverlight.dll| 16.0.15601.20072| 54296| 14-Sep-22| 08:01 \njsgrid.debug.js| jsgrid.debug.js| | 1188699| 14-Sep-22| 08:01 \nsstring.dll| microsoft.sqlserver.configuration.sstring.dll| | 27560| 14-Sep-22| 08:01 \nsprequestfilteringmodule.dll| sprequestfilteringmodule.dll| | 56672| 14-Sep-22| 08:01 \nsp.ui.reputation.debug.js| sp.ui.reputation.debug.js| | 42482| 14-Sep-22| 08:01 \nps15dwrk.config| policy.15.0.microsoft.office.project.server.workflow.defaultworkflow.config| | 626| 14-Sep-22| 08:01 \npicturemosaic.xap| picturemosaic.xap| | 25803| 14-Sep-22| 08:01 \nsts_spclientnewux8931adad241dabfaf26a7457efceb268| 24.sp-news-digest-layout-component.js| | 77347| 14-Sep-22| 08:01 \nmicrosoft.office.project.schema.dll| microsoft.office.project.schema.dll| 16.0.15601.20144| 6745480| 14-Sep-22| 08:01 \nwdsrv.policy14.dll| policy.14.0.microsoft.office.word.server.dll| 16.0.15601.20072| 25608| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.repository.dll| microsoft.ceres.contentengine.repository.dll| 16.0.15601.20072| 112552| 14-Sep-22| 08:01 \ntsk15plc.config| policy.15.0.microsoft.office.workflow.tasks.config| | 601| 14-Sep-22| 08:01 \nnl7models000c.dll_osssearch| nl7models000c.dll| 16.0.15601.20072| 5863456| 14-Sep-22| 08:01 \nbusinessdata15.dll| policy.15.0.microsoft.businessdata.dll| 16.0.15601.20072| 25608| 14-Sep-22| 08:01 \nmssdmn.exe| mssdmn.exe| 16.0.15601.20072| 950208| 14-Sep-22| 08:01 \nosfextap.dll| microsoft.sharepoint.officeextension.applicationpages.dll| 16.0.15601.20144| 27104| 14-Sep-22| 08:01 \nosrv12.config| policy.12.0.microsoft.office.server.config| | 593| 14-Sep-22| 08:01 \nbar15plc.config| policy.15.0.microsoft.office.policy.barcode.generator.config| | 611| 14-Sep-22| 08:01 \naccreqctl.js| accessrequestscontrol.js| | 11684| 14-Sep-22| 08:01 \nwsshelp.xml_1053| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nspxwebcore14plc.config| policy.14.0.microsoft.sharepoint.spx.websitecore.config| | 606| 14-Sep-22| 08:01 \nsts_odspnextnewux93b96c9ec083c1109a79bd3123411cdf| recyclebinscenario.js| | 518815| 14-Sep-22| 08:01 \nsts_spclientnewux6b8c7c4233559a13836ef1a691ba7023| sp-loader.js| | 147268| 14-Sep-22| 08:01 \nonfda.dll| onfda.dll| 16.0.15601.20072| 1554848| 14-Sep-22| 08:01 \nmicrosoft.online.sharepoint.dedicated.tenantadmin.serverstub.dll| microsoft.online.sharepoint.dedicated.tenantadmin.serverstub.dll| 16.0.15601.20144| 88088| 14-Sep-22| 08:01 \ncreatesharedfolderdialog.debug.js| createsharedfolderdialog.debug.js| | 43148| 14-Sep-22| 08:01 \nmicrosoft.office.client.policy.silverlight.x64| microsoft.office.client.policy.silverlight.dll| 16.0.15601.20072| 33768| 14-Sep-22| 08:01 \naudjob.exe| audiencejob.exe| 16.0.15601.20144| 25656| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.fastserver.fusion.dll| microsoft.ceres.searchcore.fastserver.fusion.dll| 16.0.15601.20072| 715160| 14-Sep-22| 08:01 \nconversion.proof.mshy2_eu.lex| mshy7eu.lex| | 195072| 14-Sep-22| 08:01 \nprm0025.bin_osssearch| prm0025.bin| | 12383744| 14-Sep-22| 08:01 \nonetutil.dll| onetutil.dll| 16.0.15601.20072| 2559896| 14-Sep-22| 08:01 \nmfc140.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140.dll| | 5619088| 14-Sep-22| 08:01 \noss15plc.config| policy.15.0.microsoft.office.server.search.config| | 600| 14-Sep-22| 08:01 \nmfc140ita.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140ita.dll| | 66448| 14-Sep-22| 08:01 \nsts_spclientnewux6c85212e5fd53659abdaac84362ead1f| sp-documentembed-webpart-bundle.js| | 101344| 14-Sep-22| 08:01 \nmicrosoft.ceres.analysisengine.engine.dllmsil| microsoft.ceres.analysisengine.engine.dll| 16.0.15601.20144| 455576| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.indexes.fastserverindex.dll| microsoft.ceres.searchcore.indexes.fastserverindex.dll| 16.0.15601.20072| 198032| 14-Sep-22| 08:01 \nprm0047.bin_osssearch| prm0047.bin| | 14263296| 14-Sep-22| 08:01 \nsts_spclientnewuxe919d8186ac54041abc77835b0d271ec| 73.systemjs-component-loader.js| | 278| 14-Sep-22| 08:01 \nsts_spclientnewux0f0a791edc74596ada24eae6908523ca| odsp-utilities-bundle.js| | 203959| 14-Sep-22| 08:01 \nhomeapi.dll_isapi| microsoft.sharepoint.homeapi.dll| 16.0.15601.20144| 337840| 14-Sep-22| 08:01 \nnl7data0011.dll_osssearch| nl7data0011.dll| 16.0.15601.20072| 7739392| 14-Sep-22| 08:01 \nwsshelp.xml_1055| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nmicrosoft.projectserver.serverproxy.dll| microsoft.projectserver.serverproxy.dll| 16.0.15601.20144| 1204192| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.html.dllmsil| microsoft.ceres.docparsing.formathandlers.html.dll| 16.0.15601.20072| 1160064| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.diagnostics.dll| microsoft.ceres.nlpbase.diagnostics.dll| 16.0.15601.20072| 31104| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.fastserver.dumplib.managed.dll| microsoft.ceres.searchcore.fastserver.dumplib.managed.dll| 16.0.15601.20072| 69024| 14-Sep-22| 08:01 \nsts_spclientnewux3436740e82f30185ab432f7dbe7eed84| sp-twitter-webpart-bundle.js| | 44091| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.parsing.operators.dll| microsoft.ceres.contentengine.parsing.operators.dll| 16.0.15601.20072| 100264| 14-Sep-22| 08:01 \nmicrosoft.ceres.hostcontroller.wcfclient.dllmsil| microsoft.ceres.hostcontroller.wcfclient.dll| 16.0.15601.20072| 28576| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.taxonomy.dll_gac.x64| microsoft.sharepoint.client.taxonomy.dll| 16.0.15601.20072| 84904| 14-Sep-22| 08:01 \nows.debug.js| ows.debug.js| | 713222| 14-Sep-22| 08:01 \nsts_spclientnewux166747c481253c17bb6881f5e4242291| 54.page-picker-component.js| | 159799| 14-Sep-22| 08:01 \nactivitylistitemprocessor.dll_0001| microsoft.sharepoint.activities.listitemsprocessor.dll| 16.0.15601.20144| 34680| 14-Sep-22| 08:01 \nsso14plc.dll| policy.14.0.microsoft.office.securestoreservice.dll| 16.0.15601.20072| 26160| 14-Sep-22| 08:01 \nsts_odspnextnewuxb680d3a8e2013810dae29dafe4d75340| spofiles.js| | 631418| 14-Sep-22| 08:01 \nsts_odspnextnewuxafb6081087eefbfe800401ef617122bd| sitehubreactcontrolsbeforeplt.js| | 1514702| 14-Sep-22| 08:01 \nsearchom.dll_0003| microsoft.sharepoint.search.dll| 16.0.15601.20144| 3859368| 14-Sep-22| 08:01 \nmicrosoft.transformation.ut_lc.dll| microsoft.transformation.ut_lc.dll| 16.0.15601.20158| 73608| 14-Sep-22| 08:01 \nsso14plc.config| policy.14.0.microsoft.office.securestoreservice.config| | 605| 14-Sep-22| 08:01 \ndsigres.cab.x64_1087| dsigres.cab| | 237263| 14-Sep-22| 08:22 \noffline.debug.js| offline.debug.js| | 22154| 14-Sep-22| 08:01 \nsts_spclientnewuxdff71770651a22ac595074d0e8df5b81| 119.8.js| | 4182| 14-Sep-22| 08:01 \nsts_spclientnewuxf9d542f5e7a1ffba716f8cf63efa490b| sp-webpart-base.js| | 108213| 14-Sep-22| 08:01 \nprm0001.bin_osssearch| prm0001.bin| | 18209280| 14-Sep-22| 08:01 \nwss12plc.dll| policy.12.0.microsoft.sharepoint.search.dll| 16.0.15601.20072| 25624| 14-Sep-22| 08:01 \np14vs.cfg| policy.14.0.microsoft.office.visio.server.config| | 599| 14-Sep-22| 08:01 \nwdsrv.web.config| web.config| | 8266| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.filetransfer.dll| microsoft.ceres.searchcore.filetransfer.dll| 16.0.15601.20072| 53120| 14-Sep-22| 08:01 \nquicklaunch.js| quicklaunch.js| | 74050| 14-Sep-22| 08:01 \nmysiterecommendationsui.js| sp.ui.mysiterecommendations.js| | 7268| 14-Sep-22| 08:01 \nsp.storefront.debug.js| sp.storefront.debug.js| | 444270| 14-Sep-22| 08:01 \nimportcert.asx| importcertificate.aspx| | 9418| 14-Sep-22| 08:01 \nwsshelp.xml_1066| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nchoicebuttonfieldtemplate.js| choicebuttonfieldtemplate.js| | 2743| 14-Sep-22| 08:01 \nsts_spclientnewux80477eda0db88481a24ec28e3ec1a3d4| sp-component-base.js| | 16933| 14-Sep-22| 08:01 \nsrchetw.dll| microsoft.office.server.search.etw.dll| 16.0.15601.20144| 1143672| 14-Sep-22| 08:01 \nsp.ui.rte.publishing.js| sp.ui.rte.publishing.js| | 49718| 14-Sep-22| 08:01 \ngac_microsoft.sharepoint.spx.website.applicationpages| microsoft.sharepoint.spx.website.applicationpages.dll| 16.0.15601.20144| 449584| 14-Sep-22| 08:01 \nconversion.proof.mshy2_es.dll| mshy7es.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nmsvcp140_atomic_wait.dll.f1670fca_6780_3657_9c04_af8005ac8143| msvcp140_atomic_wait.dll| | 52088| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.recordcache.dll| microsoft.ceres.contentengine.recordcache.dll| 16.0.15601.20072| 29568| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.jpeg.dllmsil| microsoft.ceres.docparsing.formathandlers.jpeg.dll| 16.0.15601.20072| 30632| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.runtime.core.dllmsil| microsoft.ceres.docparsing.runtime.core.dll| 16.0.15601.20072| 176512| 14-Sep-22| 08:01 \nmicrosoft.office.workflow.feature.dll| microsoft.office.workflow.feature.dll| 16.0.15601.20144| 42904| 14-Sep-22| 08:01 \nsp.ui.spellcheck.debug.js| sp.ui.spellcheck.debug.js| | 68393| 14-Sep-22| 08:01 \nhashtagprofile.debug.js| hashtagprofile.debug.js| | 6184| 14-Sep-22| 08:01 \nmicrosoft.office.server.search.contentprocessingenrichment.dllmsil| microsoft.office.server.search.contentprocessingenrichment.dll| 16.0.15601.20072| 29080| 14-Sep-22| 08:01 \nsts_odspnextnewux30484b0717864b439efabcb4caaf6538| spoapp.js| | 282689| 14-Sep-22| 08:01 \nclkprdct.dll| microsoft.office.server.search.clickpredict.dll| 16.0.15601.20144| 204736| 14-Sep-22| 08:01 \nifs14.config| policy.14.0.microsoft.office.infopath.server.config| | 602| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.workflow.dll| microsoft.office.project.server.workflow.dll| 16.0.15601.20144| 204672| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.cheetah.dll| microsoft.ceres.searchcore.cheetah.dll| 16.0.15601.20072| 28072| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.fastservermessages.dll| microsoft.ceres.searchcore.fastservermessages.dll| 16.0.15601.20072| 113536| 14-Sep-22| 08:01 \nsts_spclientnewuxec0d18f646f918f9cae4bd08ccdc09ab| sp-quickchart-webpart-bundle.js| | 293520| 14-Sep-22| 08:01 \nsp.ui.pub.ribbon.js| sp.ui.pub.ribbon.js| | 84981| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.spx.website.applicationpages.pdb| microsoft.sharepoint.spx.website.applicationpages.pdb| | 1172992| 14-Sep-22| 08:01 \nosfserver_workflow_dll| microsoft.sharepoint.workflowservices.dll| 16.0.15601.20144| 497088| 14-Sep-22| 08:01 \nmicrosoft.ceres.platform.parallax.dll| microsoft.ceres.platform.parallax.dll| 16.0.15601.20072| 410000| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.contentrouter.dll| microsoft.ceres.searchcore.contentrouter.dll| 16.0.15601.20072| 64408| 14-Sep-22| 08:01 \nctp.js| ctp.js| | 4244| 14-Sep-22| 08:01 \nsp.core.js| sp.core.js| | 87988| 14-Sep-22| 08:01 \nschedengine.exe| schedengine.exe| 16.0.15601.20118| 17606112| 14-Sep-22| 08:01 \nsts_spclientnewux6c3d8d275dd7351021418bffbebe3d8c| sp-spacer-webpart-bundle.js| | 44108| 14-Sep-22| 08:01 \nmicrosoft.office.documentmanagement.adminpages.dll| microsoft.office.documentmanagement.adminpages.dll| 16.0.15601.20144| 29664| 14-Sep-22| 08:01 \nspsec12.config| policy.12.0.microsoft.sharepoint.security.config| | 599| 14-Sep-22| 08:01 \ncltsvr15.config| policy.15.0.microsoft.sharepoint.client.serverruntime.config| | 611| 14-Sep-22| 08:01 \nsts_spclientnewux294ffd36afbed5a9fdb51794f4f3a730| sp-default-assembly.js| | 1456949| 14-Sep-22| 08:01 \nsts_spclientnewuxc21a3246bdf5a3aa770903ed6fd493ee| sp-pages.js| | 571464| 14-Sep-22| 08:01 \ncfw14plc.config| policy.14.0.microsoft.office.server.search.connector.config| | 610| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.repartitioncomponent.dll| microsoft.ceres.searchcore.repartitioncomponent.dll| 16.0.15601.20072| 49544| 14-Sep-22| 08:01 \nmicrosoft.office.client.policy.dll_0001.x64| microsoft.office.client.policy.dll| 16.0.15601.20072| 33208| 14-Sep-22| 08:01 \nmicrosoft.office.policy.serverstub| microsoft.office.policy.serverstub.dll| 16.0.15601.20144| 55296| 14-Sep-22| 08:01 \nmicrosoft.office.web.common.dll| microsoft.office.web.common.dll| 16.0.15601.20152| 3915648| 14-Sep-22| 08:01 \nsts_odspnextnewuxc20d13897d513d628243ef8eadce0dfe| odbonedriveapp.js| | 444140| 14-Sep-22| 08:01 \nifswfepriv.dll| microsoft.office.infopath.server.dll| 16.0.15601.20144| 3114880| 14-Sep-22| 08:01 \nrot14plc.dll| policy.14.0.microsoft.office.workflow.routing.dll| 16.0.15601.20072| 26152| 14-Sep-22| 08:01 \nmicrosoft_sharepoint_dsp.dll| microsoft.sharepoint.dsp.dll| 16.0.15601.20072| 60288| 14-Sep-22| 08:01 \ncvtp.js| cvtp.js| | 2704| 14-Sep-22| 08:01 \nconnfxph.dll| connectorph.dll| 16.0.15601.20144| 264640| 14-Sep-22| 08:01 \nonetnative_1.dll| onetnative.dll| 16.0.15601.20072| 826280| 14-Sep-22| 08:01 \ncms12plc.config| policy.12.0.microsoft.sharepoint.publishing.config| | 601| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.transformers.dll| microsoft.ceres.nlpbase.transformers.dll| 16.0.15601.20072| 41352| 14-Sep-22| 08:01 \nsrchportability.dll| microsoft.office.server.search.portability.dll| 16.0.15601.20144| 29632| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.common.metro.dllmsil| microsoft.ceres.docparsing.formathandlers.common.metro.dll| 16.0.15601.20072| 56232| 14-Sep-22| 08:01 \nprm281a.bin_osssearch| prm281a.bin| | 20145152| 14-Sep-22| 08:01 \nws15wsb.config| policy.15.0.microsoft.sharepoint.workflowservicesbase.config| | 611| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.constellation.dll| microsoft.ceres.coreservices.constellation.dll| 16.0.15601.20072| 74624| 14-Sep-22| 08:01 \ntsk14plc.dll| policy.14.0.microsoft.office.workflow.tasks.dll| 16.0.15601.20072| 25664| 14-Sep-22| 08:01 \nconversion.proof.mshy2_kz.lex| mshy7kk.lex| | 95232| 14-Sep-22| 08:01 \ncontentfollowing.js| contentfollowing.js| | 54230| 14-Sep-22| 08:01 \nconversion.office.osfuiserver.dll| osfuiserver.dll| 16.0.15601.20120| 886680| 14-Sep-22| 08:01 \nmicrosoft.ceres.external.contentapi.graphextensions.dll| microsoft.ceres.external.contentapi.graphextensions.dll| 16.0.15601.20072| 27032| 14-Sep-22| 08:01 \nmfc140chs.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140chs.dll| | 39816| 14-Sep-22| 08:01 \nportal.debug.js| portal.debug.js| | 94804| 14-Sep-22| 08:01 \nstsomsec.dll_0001| microsoft.sharepoint.security.dll| 16.0.15601.20072| 29592| 14-Sep-22| 08:01 \ngeolocationfieldtemplate.js| geolocationfieldtemplate.js| | 15436| 14-Sep-22| 08:01 \nmicrofeed.js| sp.ui.microfeed.js| | 230149| 14-Sep-22| 08:01 \nbar14plc.config| policy.14.0.microsoft.office.policy.barcode.generator.config| | 611| 14-Sep-22| 08:01 \nsts_spclientnewuxf6f4d7aff6b346521ef692276ec4c4c6| sp-webpart-workbench.js| | 51720| 14-Sep-22| 08:01 \ntranslation.web.config| web.config| | 8033| 14-Sep-22| 08:01 \nconversion.proof.mshy2_pt.dll| mshy7pt.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nspui_listsearchbox_debug.js| sp.ui.listsearchbox.debug.js| | 39586| 14-Sep-22| 08:01 \nparserserver.exe| parserserver.exe| 16.0.15601.20072| 40848| 14-Sep-22| 08:01 \noffice.odf| office.odf| | 2274200| 14-Sep-22| 08:01 \ncltrtm15.dll| policy.15.0.microsoft.sharepoint.client.runtime.dll| 16.0.15601.20072| 26152| 14-Sep-22| 08:01 \naccreqviewtmpl.debug.js| accessrequestsviewtemplate.debug.js| | 50013| 14-Sep-22| 08:01 \nbpstd.debug.js| bpstd.debug.js| | 8308| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies_acceptor.ar.dll| microsoft.eedict_companies_acceptor.ar| 16.0.15601.20158| 9898920| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.bundles.dll| microsoft.ceres.contentengine.bundles.dll| 16.0.15601.20072| 51112| 14-Sep-22| 08:01 \nmapviewtemplate.debug.js| mapviewtemplate.debug.js| | 38394| 14-Sep-22| 08:01 \nsfspdiag| microsoft.ceres.diagnostics.sharepoint.dll| 16.0.15601.20144| 42360| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.ja.dll| microsoft.eedict_companies.ja| 16.0.15601.20158| 1545136| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.pt.dll| microsoft.eedict_companies.pt| 16.0.15601.20158| 28592| 14-Sep-22| 08:01 \ntsk14plc.config| policy.14.0.microsoft.office.workflow.tasks.config| | 601| 14-Sep-22| 08:01 \nsts_odspnextnewux82ec74261e20424f9653d60d8846afce| sitehub.json| | 226479| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.userprofiles.portable.dll.x64| microsoft.sharepoint.client.userprofiles.portable.dll| 16.0.15601.20072| 176608| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ct.dll| mshy7ct.dll| 16.0.15601.20072| 160208| 14-Sep-22| 08:01 \nastcmmn_js| assetcommon.js| | 18255| 14-Sep-22| 08:01 \nmicrosoft.fast.descriptivemonitoring.dll| microsoft.fast.descriptivemonitoring.dll| 16.0.15601.20072| 115600| 14-Sep-22| 08:01 \nmicrosoft.transformation.ut_lcdr.dll| microsoft.transformation.ut_lcdr.dll| 16.0.15601.20158| 80768| 14-Sep-22| 08:01 \nmicrosoft.office.discovery.soap.dll| microsoft.office.discovery.soap.dll| 16.0.15601.20144| 30632| 14-Sep-22| 08:01 \nprm000d.bin_osssearch| prm000d.bin| | 16656384| 14-Sep-22| 08:01 \nwsshelp.xml_1045| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:25 \ncreatesharedfolderdialog.js| createsharedfolderdialog.js| | 18922| 14-Sep-22| 08:01 \noss.querybox_js| querybox.all.js| | 268608| 14-Sep-22| 08:01 \nsts_spclientnewux505b813f33e9dabca885f089ccf98f2a| 114.sp-people-contact-card.js| | 13878| 14-Sep-22| 08:01 \ncltrtm14.dll| policy.14.0.microsoft.sharepoint.client.runtime.dll| 16.0.15601.20072| 26192| 14-Sep-22| 08:01 \ncmis15_plc_bindings.config| policy.15.0.microsoft.sharepoint.cmis.bindings.config| | 604| 14-Sep-22| 08:01 \nconversion.proof.mshy2_pt.lex| mshy7pt.lex| | 837120| 14-Sep-22| 08:01 \nmssph.dll| mssph.dll| 16.0.15601.20072| 2153400| 14-Sep-22| 08:01 \nsts_spclientnewux1248484f0eaf072567b2270eb74e2a1f| listview-host-assembly.js| | 1479089| 14-Sep-22| 08:01 \nspssoc.js| sp.ui.socialribbon.js| | 20742| 14-Sep-22| 08:01 \nmicrosoft.projectserver.dll| microsoft.projectserver.dll| 16.0.15601.20144| 866272| 14-Sep-22| 08:01 \nmicrosoft.office.client.translationservices.dll_gac.x64| microsoft.office.client.translationservices.dll| 16.0.15601.20072| 41928| 14-Sep-22| 08:01 \nwffeature12plc.config| policy.12.0.microsoft.office.workflow.feature.config| | 603| 14-Sep-22| 08:01 \nsubsetproxy.dll_0001| microsoft.sharepoint.subsetproxy.dll| 16.0.15601.20144| 1076728| 14-Sep-22| 08:01 \nsts_spclientnewuxcd8824c249da62fe81bbc6e84b7fb896| 112.image-gallery-brick-layout.js| | 5649| 14-Sep-22| 08:01 \nconversion.office.saext.dll| saext.dll| 16.0.15601.20072| 325000| 14-Sep-22| 08:01 \nsppageinstr.debug.js| sp.pageinstrumentation.debug.js| | 1651| 14-Sep-22| 08:01 \nsvrsetup.exe| setup.exe| 16.0.15601.20118| 1103232| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.runtime.portable.dll.x64| microsoft.sharepoint.client.runtime.portable.dll| 16.0.15601.20072| 302552| 14-Sep-22| 08:01 \nsts_spclientnewux532c54830af77b2c35eb802a62820713| 119.sp-list-webpart-setup.js| | 318649| 14-Sep-22| 08:01 \nsts_spclientnewuxc08af2413dffb6070f1d4f01cc188fe3| 119.12.js| | 6201| 14-Sep-22| 08:01 \nonetnative.dll| onetnative.dll| 16.0.15601.20072| 826280| 14-Sep-22| 08:01 \nprm001d.bin_osssearch| prm001d.bin| | 30295040| 14-Sep-22| 08:01 \nws15ws.dll| policy.15.0.microsoft.sharepoint.workflowservices.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \nsts_spclientnewux4bd496dcecbfc408b57b32e6b34afda0| 24.sp-pages-search.js| | 1683982| 14-Sep-22| 08:01 \ntax15plc.dll| policy.15.0.microsoft.sharepoint.taxonomy.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nmswb7001e.dll_osssearch| mswb7001e.dll| 16.0.15601.20072| 863728| 14-Sep-22| 08:01 \nsp.simpleloggermobile.js| sp.simpleloggermobile.js| | 20502| 14-Sep-22| 08:01 \nsts_spclientnewuxcdd2fade97e6bd1c609dafc0204d0272| office-ui-fabric-react-bundle.js| | 548635| 14-Sep-22| 08:01 \nsts_spclientnewux2d92f617d4e9cc7ec385e0e500a3d7b2| sp-image-webpart-bundle.js| | 106253| 14-Sep-22| 08:01 \ntrsrv.policy15.config| policy.15.0.microsoft.office.translationservices.config| | 606| 14-Sep-22| 08:01 \nmtroirmp.dll_0001| microsoft.office.irm.ofcprotector.dll| 16.0.15601.20072| 61400| 14-Sep-22| 08:01 \nvcruntime140_1.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| vcruntime140_1.dll| 14.29.30135.0| 37240| 14-Sep-22| 08:01 \nsp.jsgrid.res_0.resx| sp.jsgrid.res.resx| | 16698| 14-Sep-22| 08:01 \nspwriter.exe_0001| spwriter.exe| 16.0.15601.20072| 209376| 14-Sep-22| 08:01 \nossapp.dll_0001| microsoft.office.server.search.applications.dll| 16.0.15601.20144| 448952| 14-Sep-22| 08:01 \nossex.dll| microsoft.office.server.search.exchangeadapter.dll| 16.0.15601.20144| 117208| 14-Sep-22| 08:01 \nps14plc.dll| policy.14.0.microsoft.office.project.server.pwa.dll| 16.0.15601.20072| 25640| 14-Sep-22| 08:01 \nsts_spclientnewux22d4383e576bd2d0767efe61a9b0177f| sp-classic-page-assembly.js| | 1577606| 14-Sep-22| 08:01 \nipath12.config| policy.12.0.microsoft.office.infopath.config| | 595| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.extensibility.dll| microsoft.office.project.server.extensibility.dll| 16.0.15601.20144| 108528| 14-Sep-22| 08:01 \npwa.library.projectserverscripts.tm.debug.js| ps.teammembers.debug.js| | 349509| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.storage.dll| microsoft.ceres.coreservices.storage.dll| 16.0.15601.20072| 92064| 14-Sep-22| 08:01 \nconversion.proof.mshy2_fr.lex| mshy7fr.lex| | 278528| 14-Sep-22| 08:01 \nprm0003.bin_osssearch| prm0003.bin| | 15897088| 14-Sep-22| 08:01 \nmicrosoft.office.server.directory| microsoft.office.server.directory.dll| 16.0.15601.20072| 1333144| 14-Sep-22| 08:01 \nmswb70804.dll_osssearch| mswb70804.dll| 16.0.15601.20072| 863744| 14-Sep-22| 08:01 \nsec14plc.dll| policy.14.0.microsoft.office.securestoreservice.server.security.dll| 16.0.15601.20072| 26256| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.identitymodel.dll| microsoft.sharepoint.identitymodel.dll| 16.0.15601.20144| 744336| 14-Sep-22| 08:01 \nrbsblobstore.dll| microsoft.sharepoint.blobstores.remoteshareblobstore.dll| 16.0.15601.20072| 44552| 14-Sep-22| 08:01 \nconnui.dll| microsoft.data.connectionui.dll| | 16312| 14-Sep-22| 08:01 \nsts_spclientnewuxd9be030ce46deea919b2af722732be7d| 116.bing-maps-web-part-property-pane-configuration.js| | 1367| 14-Sep-22| 08:01 \nrot15plc.dll| policy.15.0.microsoft.office.workflow.routing.dll| 16.0.15601.20072| 26160| 14-Sep-22| 08:01 \nifswfep.dll| microsoft.office.infopath.server.pages.dll| 16.0.15601.20144| 46968| 14-Sep-22| 08:01 \ndevdash.debug.js| devdash.debug.js| | 89841| 14-Sep-22| 08:01 \nph12plc.dll| policy.14.0.microsoft.office.project.shared.dll| 16.0.15601.20074| 25632| 14-Sep-22| 08:01 \nmicrosoft.office.server.native.dll| microsoft.office.server.native.dll| 16.0.15601.20072| 887712| 14-Sep-22| 08:01 \nupa15plc.config| policy.15.0.microsoft.office.server.userprofiles.config| | 606| 14-Sep-22| 08:01 \nmicrosoft.web.constraint.dll| microsoft.web.constraint.dll| 16.0.15601.20072| 39816| 14-Sep-22| 08:01 \nprofileext.sql| profileext.sql| | 1404855| 14-Sep-22| 08:01 \ngroup.debug.js| group.debug.js| | 125958| 14-Sep-22| 08:01 \nmicrosoft.office.serviceinfrastructure.runtime.dll| microsoft.office.serviceinfrastructure.runtime.dll| 16.0.15601.20144| 1096176| 14-Sep-22| 08:01 \nprm002a.bin_osssearch| prm002a.bin| | 4777984| 14-Sep-22| 08:01 \nmsgfilt.dll.x64| msgfilt.dll| 16.0.15601.20072| 71048| 14-Sep-22| 08:01 \nsts_spclientnewux0c1b716582e2477f19bc1be02c5274df| 119.27.js| | 1108| 14-Sep-22| 08:01 \nbform.js| bform.js| | 259449| 14-Sep-22| 08:01 \nmicrosoft.online.fileservices.dll| microsoft.online.fileservices.dll| 16.0.15601.20144| 74632| 14-Sep-22| 08:01 \nhierarchytaskslist.debug.js| hierarchytaskslist.debug.js| | 60796| 14-Sep-22| 08:01 \ninplview.debug.js| inplview.debug.js| | 156138| 14-Sep-22| 08:01 \nsts_spclientnewuxc3999a83469b1c005b1a3da872e7fe40| 119.11.js| | 2644| 14-Sep-22| 08:01 \nipomload.dll| microsoft.office.infopath.clrloader.dll| 16.0.15601.20072| 28136| 14-Sep-22| 08:01 \nsp.ui.applicationpages.calendar.debug.js| sp.ui.applicationpages.calendar.debug.js| | 278413| 14-Sep-22| 08:01 \nfeaamsi.xml| feature.xml| | 662| 14-Sep-22| 08:01 \nconversion.office.exp_xps_server.dll| exp_xps_server.dll| 16.0.15601.20120| 96144| 14-Sep-22| 08:01 \nmsvcp140_1.dll.f1670fca_6780_3657_9c04_af8005ac8143| msvcp140_1.dll| 14.29.30135.0| 21384| 14-Sep-22| 08:01 \nsts_spclientnewux47aa23768441df5551438ceba1300cdc| 24.oauth-token-data-source.js| | 9490| 14-Sep-22| 08:01 \nsts_spclientnewux0f090153f91fd63880b278b0e0106d0b| 73.developer-tools.js| | 515861| 14-Sep-22| 08:01 \ncmicarabicwordbreaker.dll_osssearch| cmicarabicwordbreaker.dll| 16.0.15601.20072| 148864| 14-Sep-22| 08:01 \nconversion.office.osfserver.dll| osfserver.dll| 16.0.15601.20120| 175496| 14-Sep-22| 08:01 \nspsintl.dll| microsoft.sharepoint.portal.intl.dll| 16.0.15601.20072| 1269288| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.userprofiles.dll_001.x64| microsoft.sharepoint.client.userprofiles.dll| 16.0.15601.20072| 177592| 14-Sep-22| 08:01 \nmicrosoft.office.workflow.pages.dll| microsoft.office.workflow.pages.dll| 16.0.15601.20144| 101336| 14-Sep-22| 08:01 \nconversion.proof.mshy2_nb.lex| mshy7nb.lex| | 2656256| 14-Sep-22| 08:01 \noss14plc.config| policy.14.0.microsoft.office.server.search.config| | 600| 14-Sep-22| 08:01 \nsps14plc.config| policy.14.0.microsoft.sharepoint.portal.config| | 597| 14-Sep-22| 08:01 \nsp.ui.bdcadminpages.js| sp.ui.bdcadminpages.js| | 11652| 14-Sep-22| 08:01 \nsts_spclientnewuxc94b98ef08db44b567c477432a1300a9| 119.6.js| | 16923| 14-Sep-22| 08:01 \nsts_spclientnewux960f55d92c073ad967c1d41757c1f0a8| sp-events-webpart-bundle.js| | 74885| 14-Sep-22| 08:01 \nfollowingcommon.debug.js| followingcommon.debug.js| | 24215| 14-Sep-22| 08:01 \njsgrid.js| jsgrid.js| | 445828| 14-Sep-22| 08:01 \nspx.apppages.dll_0001| microsoft.sharepoint.spx.applicationpages.dll| 16.0.15601.20144| 64448| 14-Sep-22| 08:01 \nps15ext.config| policy.15.0.microsoft.office.project.server.extensibility.config| | 615| 14-Sep-22| 08:01 \nps15lib.config| policy.15.0.microsoft.office.project.server.library.config| | 609| 14-Sep-22| 08:01 \nconversion.proof.mshy2_en.dll| mshy7en.dll| 16.0.15601.20072| 160168| 14-Sep-22| 08:01 \nspsec12.dll| policy.12.0.microsoft.sharepoint.security.dll| 16.0.15601.20072| 25656| 14-Sep-22| 08:01 \nppt.conversion.worker.exe| pptworker.exe| 16.0.15601.20156| 35160| 14-Sep-22| 08:01 \nsts_spclientnewuxaeda81806b2ebbe14a80399912416a96| 24.sp-pages-events.js| | 218476| 14-Sep-22| 08:01 \nserializ_js| serialize.js| | 3221| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.parsing.evaluators.dll| microsoft.ceres.contentengine.parsing.evaluators.dll| 16.0.15601.20072| 313736| 14-Sep-22| 08:01 \nimglib.debug.js| imglib.debug.js| | 91322| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ua.dll| mshy7uk.dll| 16.0.15601.20072| 160200| 14-Sep-22| 08:01 \nnl7lexicons.dll_1054| nl7lexicons001e.dll| 16.0.15601.20072| 221680| | \nsts11plc.config| policy.11.0.microsoft.sharepoint.config| | 590| 14-Sep-22| 08:01 \nspsec14.dll| policy.14.0.microsoft.sharepoint.security.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \ndsigctrl.cab.x86| dsigctrl.cab| | 532759| 14-Sep-22| 08:01 \nsts_sphomenewuxc0250aabec4b1e71150a3c5e78e664b7| searchux-main-sphome.js| | 1472717| 14-Sep-22| 08:01 \nconversion.microsoft.office.server.native.dll| microsoft.office.server.native.dll| 16.0.15601.20072| 887712| 14-Sep-22| 08:01 \nmicrosoft_sharepoint_dsp_oledb.dll| microsoft.sharepoint.dsp.oledb.dll| 16.0.15601.20144| 124312| 14-Sep-22| 08:01 \nsts_spclientnewuxa08a88a1a20d60fc6fa9f6eecf78666e| embed-webpart-base.js| | 45279| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.publishing.dll_gac.x64| microsoft.sharepoint.client.publishing.dll| 16.0.15601.20072| 82368| 14-Sep-22| 08:01 \nsts_spclientnewux3151f8bb6f986a1343864414a00725e7| 114.people-property-pane.js| | 2745| 14-Sep-22| 08:01 \nmydocs.js| mydocs.js| | 34455| 14-Sep-22| 08:01 \nhomeapi.dll_gac| microsoft.sharepoint.homeapi.dll| 16.0.15601.20144| 337840| 14-Sep-22| 08:01 \nsts_spclientnewuxf485ef5d5dc2ff5ace09c9d6fafb52b9| 24.siteheaderdeferredchunk.js| | 5366| 14-Sep-22| 08:01 \nifswfeh.dll| microsoft.office.infopath.server.host.dll| 16.0.15601.20144| 29056| 14-Sep-22| 08:01 \nmicrosoft.fileservices.serverstub.v2.dll| microsoft.fileservices.serverstub.v2.dll| 16.0.15601.20144| 593832| 14-Sep-22| 08:01 \nspsec11.config| policy.11.0.microsoft.sharepoint.security.config| | 599| 14-Sep-22| 08:01 \nclextn14.dll| policy.14.0.microsoft.office.sharepoint.clientextensions.dll| 16.0.15601.20072| 26232| 14-Sep-22| 08:01 \nwfa15plc.config| policy.15.0.microsoft.sharepoint.workflowactions.config| | 606| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.contenttargets.indexrouter.dll| microsoft.ceres.searchcore.contenttargets.indexrouter.dll| 16.0.15601.20072| 76160| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.taxonomy.dll| microsoft.sharepoint.taxonomy.dll| 16.0.15601.20144| 1722248| 14-Sep-22| 08:01 \ncmdui15.dll| policy.15.0.microsoft.web.commandui.dll| 16.0.15601.20072| 25584| 14-Sep-22| 08:01 \nptdlg.js| pickertreedialog.js| | 2952| 14-Sep-22| 08:01 \nfollowingcommon.js| followingcommon.js| | 10560| 14-Sep-22| 08:01 \nosfserver_serverproxy_dll| microsoft.sharepoint.workflowservices.serverproxy.dll| 16.0.15601.20144| 123304| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.indexstorage.dll| microsoft.ceres.searchcore.indexstorage.dll| 16.0.15601.20072| 40856| 14-Sep-22| 08:01 \ncontentfollowing.debug.js| contentfollowing.debug.js| | 123898| 14-Sep-22| 08:01 \nps15dwrk.dll| policy.15.0.microsoft.office.project.server.workflow.defaultworkflow.dll| 16.0.15601.20072| 26272| 14-Sep-22| 08:01 \ntsk15plc.dll| policy.15.0.microsoft.office.workflow.tasks.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \nsp.ribbon.js| sp.ribbon.js| | 222920| 14-Sep-22| 08:01 \nwfa12plc.config| policy.12.0.microsoft.sharepoint.workflowactions.config| | 606| 14-Sep-22| 08:01 \nappdeveloperdash.js| appdeveloperdash.js| | 11552| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.spx.jsinclude.dll| microsoft.sharepoint.spx.jsinclude.dll| 16.0.15601.20144| 47232| 14-Sep-22| 08:01 \nwdsrv.policy15.dll| policy.15.0.microsoft.office.word.server.dll| 16.0.15601.20072| 25632| 14-Sep-22| 08:01 \nkorwbrkr.dll| korwbrkr.dll| 16.0.15601.20072| 212864| 14-Sep-22| 08:01 \nosfserver_activities_dll.x64| microsoft.sharepoint.workflowservices.activities.dll| 16.0.15601.20072| 276968| 14-Sep-22| 08:01 \ncmis14_plc_data.config| policy.14.0.microsoft.sharepoint.cmis.data.config| | 600| 14-Sep-22| 08:01 \nwsshelp.xml_1081| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:25 \ninmanagedom.dll| microsoft.office.infopath.dll| 16.0.15601.20072| 60280| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.publishing.silverlight.dll.x64| microsoft.sharepoint.client.publishing.silverlight.dll| 16.0.15601.20072| 81920| 14-Sep-22| 08:01 \nsts_spclientnewux1a0066429fafb604e6ea0d15f15d8866| 24.sp-pages-app.js| | 1875| 14-Sep-22| 08:01 \nsts_sphomenewux4bf88d694ee8449f7f0ea170824568fb| sphome-utilities.js| | 124566| 14-Sep-22| 08:01 \ncommunitiestileview.js| sp.ui.communities.tileview.js| | 8540| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.indexcontroller.dll| microsoft.ceres.searchcore.indexcontroller.dll| 16.0.15601.20072| 234888| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.taxonomy.dll.x64| microsoft.sharepoint.client.taxonomy.dll| 16.0.15601.20072| 84904| 14-Sep-22| 08:01 \npdfirml.dll_0002| microsoft.office.irm.pdfprotectorlib.dll| 16.0.15601.20072| 1195024| 14-Sep-22| 08:01 \nclextn15.config| policy.15.0.microsoft.office.sharepoint.clientextensions.config| | 614| 14-Sep-22| 08:01 \nwfs15plc.dll| policy.15.0.microsoft.sharepoint.workflows.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \nmountpt.js| mountpoint.js| | 6213| 14-Sep-22| 08:01 \nmicrosoft.ceres.interactionengine.operators.builtin.dll| microsoft.ceres.interactionengine.operators.builtin.dll| 16.0.15601.20072| 63896| 14-Sep-22| 08:01 \nmicrosoft_web_design_server.dll| microsoft.web.design.server.dll| 16.0.15601.20072| 391104| 14-Sep-22| 08:01 \nsts_odspnextnewux1efa61166de43c71668b949c99f0686b| listitemformdeferred.js| | 2318716| 14-Sep-22| 08:01 \nhtmlchkr.dll.x64| htmlchkr.dll| 16.0.15601.20072| 1045944| 14-Sep-22| 08:01 \nsm.js| cmssitemanager.js| | 29281| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.simplexml.dllmsil| microsoft.ceres.docparsing.formathandlers.simplexml.dll| 16.0.15601.20072| 35200| 14-Sep-22| 08:01 \nsts_spclientnewuxb200a6283a80b8a6b4ee220419563723| sp-toolbox.js| | 30975| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.nlpevaluators.dll| microsoft.ceres.contentengine.nlpevaluators.dll| 16.0.15601.20072| 255872| 14-Sep-22| 08:01 \nwffeature12plc.dll| policy.12.0.microsoft.office.workflow.feature.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \nconversion.proof.mshy2_no.lex| mshy7no.lex| | 1645568| 14-Sep-22| 08:01 \nastpkrs_js| assetpickers.js| | 68294| 14-Sep-22| 08:01 \nmicrosoft.office.client.translationservices.phone.dll| microsoft.office.client.translationservices.phone.dll| 16.0.15601.20072| 41440| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.runtime.portable.dll_gac.x64| microsoft.sharepoint.client.runtime.portable.dll| 16.0.15601.20072| 302552| 14-Sep-22| 08:01 \nwsshelp.xml_1051| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nspsec15.config| policy.15.0.microsoft.sharepoint.security.config| | 599| 14-Sep-22| 08:01 \nroamingapps.debug.js| roamingapps.debug.js| | 58900| 14-Sep-22| 08:01 \ndsigres.cab.x64_1033| dsigres.cab| | 237263| 14-Sep-22| 08:25 \nmicrosoft.sharepoint.client.search.applications.dll_0001.x64| microsoft.sharepoint.client.search.applications.dll| 16.0.15601.20072| 30096| 14-Sep-22| 08:01 \nspui_col.js| sp.ui.collabmailbox.js| | 7594| 14-Sep-22| 08:01 \ncfw15plc.dll| policy.15.0.microsoft.office.server.search.connector.dll| 16.0.15601.20072| 26208| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.fastserver.native.dll| microsoft.ceres.searchcore.fastserver.native.dll| 16.0.15601.20072| 17566632| 14-Sep-22| 08:01 \nconversion.proof.mshy2_kz.dll| mshy7kk.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nnl7lexicons0404.dll_osssearch| nl7lexicons0404.dll| 16.0.15601.20072| 381504| 14-Sep-22| 08:01 \nsts_spclientnewux53b6a33d178bf0e8ccf4007ece518abd| 50.sp-filepickercontrol.js| | 308442| 14-Sep-22| 08:01 \nmicrosoft.office.workflowsoap.dll| microsoft.office.workflowsoap.dll| 16.0.15601.20144| 65928| 14-Sep-22| 08:01 \nfastmorph.dll_osssearch| fastmorph.dll| 16.0.15601.20072| 2397056| 14-Sep-22| 08:01 \nconversion.proof.mshy2_bg.lex| mshy7bg.lex| | 67072| 14-Sep-22| 08:01 \nconversion.proof.mshy2_eu.dll| mshy7eu.dll| 16.0.15601.20072| 160184| 14-Sep-22| 08:01 \nmicrosoft_office_securestoreservice_server_security.dll_gac| microsoft.office.securestoreservice.server.security.dll| 16.0.15601.20072| 28152| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.silverlight.dll.x64| microsoft.sharepoint.client.silverlight.dll| 16.0.15601.20072| 807384| 14-Sep-22| 08:01 \nwfs14plc.dll| policy.14.0.microsoft.sharepoint.workflows.dll| 16.0.15601.20072| 25624| 14-Sep-22| 08:01 \nform.js| form.js| | 129252| 14-Sep-22| 08:01 \nwpadder.js| wpadder.js| | 33285| 14-Sep-22| 08:01 \nsts_spclientnewux4a31d91baed503c9b44c1541428d4c2b| 119.2.js| | 7070| 14-Sep-22| 08:01 \nsts_spclientnewuxe90ae978c09ee7ebe3e870f059308db3| 112.herowebpart-propertypaneconfiguration.js| | 20379| 14-Sep-22| 08:01 \nmicrosoft.ceres.datalossprevention.dll| microsoft.ceres.datalossprevention.dll| 16.0.15601.20072| 2459016| 14-Sep-22| 08:01 \nmsmdloc.dll| msmdlocal_xl.dll| 2015.0130.1700.1119| 57347512| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sro.dll| mshy7sro.dll| 16.0.15601.20072| 160176| 14-Sep-22| 08:01 \nwss14plc.config| policy.14.0.microsoft.sharepoint.search.config| | 597| 14-Sep-22| 08:01 \nnatlangkorwbrkr.dll_osssearch| korwbrkr.dll| 16.0.15601.20072| 212864| 14-Sep-22| 08:01 \nspxapppage14plc.dll| policy.14.0.microsoft.sharepoint.spx.applicationpages.dll| 16.0.15601.20072| 26216| 14-Sep-22| 08:01 \nosrvintl.dll| microsoft.office.server.intl.dll| 16.0.15601.20072| 300088| 14-Sep-22| 08:01 \nsp.userprofiles.js| sp.userprofiles.js| | 158570| 14-Sep-22| 08:01 \nconversion.office.riched20.dll| riched20.dll| 16.0.15601.20120| 3252096| 14-Sep-22| 08:01 \npowshl14.config| policy.14.0.microsoft.sharepoint.powershell.config| | 601| 14-Sep-22| 08:01 \ndsigres.cab.x86| dsigres.cab| | 199233| 14-Sep-22| 08:01 \nsts_odspnextnewux9b63549651583f94a6560b1f3ae0fa8f| listviewdataprefetch.js| | 63386| 14-Sep-22| 08:01 \nsdk.microsoft.office.project.server.library.dll| microsoft.office.project.server.library.dll| 16.0.15601.20144| 1801608| 14-Sep-22| 08:01 \nprm001b.bin_osssearch| prm001b.bin| | 150199296| 14-Sep-22| 08:01 \nsts_sphomenewuxab3efcb3b4702929d33f754cfd563158| searchux-resources.js| | 25886| 14-Sep-22| 08:01 \nmysiterecommendations.js| mysiterecommendations.js| | 41312| 14-Sep-22| 08:01 \nosfap.dll| microsoft.sharepoint.workflowservices.applicationpages.dll| 16.0.15601.20144| 138176| 14-Sep-22| 08:01 \nsts_spclientnewuxe526f3106af18bfd9a893c145a68bea1| sp-divider-webpart-bundle.js| | 32029| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.search.silverlight.dll.x64| microsoft.sharepoint.client.search.silverlight.dll| 16.0.15601.20072| 105984| 14-Sep-22| 08:01 \nmicrosoft.ceres.hostcontroller.controller.dll| microsoft.ceres.hostcontroller.controller.dll| 16.0.15601.20072| 71560| 14-Sep-22| 08:01 \nmicrosoft_office_server_conversions_launcher_exe| microsoft.office.server.conversions.launcher.exe| 16.0.15601.20144| 88016| 14-Sep-22| 08:01 \nmicrosoft.office.policy.dll_isapi| microsoft.office.policy.dll| 16.0.15601.20144| 2337160| 14-Sep-22| 08:01 \nosrxlprx.dll| microsoft.office.excel.server.mosshost.dll| 16.0.15601.20144| 111584| 14-Sep-22| 08:01 \nwsshelp.xml_1063| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:24 \ngroupboard.js| groupboard.js| | 9550| 14-Sep-22| 08:01 \njsgrid.gantt.js| jsgrid.gantt.js| | 42306| 14-Sep-22| 08:01 \nps15evt.config| policy.15.0.microsoft.office.project.server.events.receivers.config| | 618| 14-Sep-22| 08:01 \nmicrosoft.office.server.search.officegraph.dllmsil| microsoft.office.server.search.officegraph.dll| 16.0.15601.20144| 746896| 14-Sep-22| 08:01 \nupa15plc.dll| policy.15.0.microsoft.office.server.userprofiles.dll| 16.0.15601.20072| 26176| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sro.lex| mshy7sro.lex| | 146432| 14-Sep-22| 08:01 \nmicrosoft.office.web.conversion.viewerinterface.dll| microsoft.office.web.conversion.viewerinterface.dll| 16.0.15601.20072| 74736| 14-Sep-22| 08:01 \nsdk.microsoft.office.project.server.workflow.dll| microsoft.office.project.server.workflow.dll| 16.0.15601.20144| 204672| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.fr.dll| microsoft.eedict_companies.fr| 16.0.15601.20158| 35736| 14-Sep-22| 08:01 \nconversion.proof.mshy2_ua.lex| mshy7uk.lex| | 374784| 14-Sep-22| 08:01 \nsts_spclientnewux11d2e484811a186abfb7f9a6c7275fd4| sp-newsreel-webpart-bundle.js| | 142765| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.keyvaluemodel.dll| microsoft.ceres.searchcore.keyvaluemodel.dll| 16.0.15601.20072| 29072| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.common.interop.dllmsil| microsoft.ceres.docparsing.formathandlers.common.interop.dll| 16.0.15601.20072| 44960| 14-Sep-22| 08:01 \nconversion.proof.mshy2_et.dll| mshy7et.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchvsswriter.dllmsil| microsoft.ceres.searchvsswriter.dll| 16.0.15601.20144| 81344| 14-Sep-22| 08:01 \nmysitecommon.js| sp.ui.mysitecommon.js| | 75540| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.processing.contentpush.dll| microsoft.ceres.contentengine.processing.contentpush.dll| 16.0.15601.20072| 38784| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.schema.schemacatalogproxy.dll| microsoft.ceres.searchcore.schema.schemacatalogproxy.dll| 16.0.15601.20072| 39848| 14-Sep-22| 08:01 \nifsacli.dll| microsoft.office.infopath.server.administration.commandline.dll| 16.0.15601.20144| 25984| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.events.remote.dll| microsoft.office.project.server.events.remote.dll| 16.0.15601.20144| 68464| 14-Sep-22| 08:01 \nmfc140cht.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140cht.dll| | 39816| 14-Sep-22| 08:01 \nvccorlib140.dll.f1670fca_6780_3657_9c04_af8005ac8143| vccorlib140.dll| 14.29.30135.0| 267640| 14-Sep-22| 08:01 \nmfc140deu.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140deu.dll| | 68488| 14-Sep-22| 08:01 \nclientrenderer.debug.js| clientrenderer.debug.js| | 30681| 14-Sep-22| 08:01 \nmicrosoft.spatial.7.8.2.dll| microsoft.spatial.dll| 7.8.2.20215| 151912| 14-Sep-22| 08:01 \nossapp.dll| microsoft.office.server.search.applications.dll| 16.0.15601.20144| 448952| 14-Sep-22| 08:01 \nconversion.igxserver.dll| igxserver.dll| 16.0.15601.20142| 11114312| 14-Sep-22| 08:01 \nmicrosoft.ceres.analysisengine.managed.dll| microsoft.ceres.analysisengine.managed.dll| 16.0.15601.20072| 60312| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.clustering.dll| microsoft.ceres.coreservices.clustering.dll| 16.0.15601.20072| 71552| 14-Sep-22| 08:01 \nsts_spclientnewuxa61f5e0f461e05cce0e0c856fdaae280| sp-blogs-webpart-bundle.js| | 144896| 14-Sep-22| 08:01 \nconversion.office.gfxserver.dll| gfxserver.dll| 16.0.15601.20120| 5745064| 14-Sep-22| 08:01 \nws15am.dll| policy.15.0.microsoft.sharepoint.appmanagement.dll| 16.0.15601.20072| 26144| 14-Sep-22| 08:01 \nspui_cold.js| sp.ui.collabmailbox.debug.js| | 11768| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.graphserver.managed.dll| microsoft.ceres.searchcore.graphserver.managed.dll| 16.0.15601.20072| 1138088| 14-Sep-22| 08:01 \nws15ad.config| policy.15.0.microsoft.sharepoint.appdevelopment.config| | 605| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.dll_0001.x64| microsoft.sharepoint.client.dll| 16.0.15601.20072| 861584| 14-Sep-22| 08:01 \nform.debug.js| form.debug.js| | 241306| 14-Sep-22| 08:01 \nspui_rid.js| sp.ui.relateditems.debug.js| | 29224| 14-Sep-22| 08:01 \nmfc140cht.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140cht.dll| | 39824| 14-Sep-22| 08:01 \npjintl_1.dll| pjintl.dll| | 4957024| 14-Sep-22| 08:01 \nsts_spclientnewuxbd23445e9270ea564681ead82257f112| 24.editnavchunk.js| | 66023| 14-Sep-22| 08:01 \nappdev.dll| microsoft.sharepoint.appdevelopment.dll| 16.0.15601.20144| 75640| 14-Sep-22| 08:01 \ntquery.dll| tquery.dll| 16.0.15601.20072| 936896| 14-Sep-22| 08:01 \nps14wrk.config| policy.14.0.microsoft.office.project.server.workflow.config| | 610| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.graphquerymodel.dll| microsoft.ceres.searchcore.graphquerymodel.dll| 16.0.15601.20072| 56744| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.ru.dll| microsoft.eedict_companies.ru| 16.0.15601.20158| 33226136| 14-Sep-22| 08:01 \nmicrosoft.office.server.dll_isapi| microsoft.office.server.dll| 16.0.15601.20144| 2762112| 14-Sep-22| 08:01 \nconversion.proof.mshy2_hu.lex| mshy7hu.lex| | 508928| 14-Sep-22| 08:01 \nconversion.proof.mshy2_fr.dll| mshy7fr.dll| 16.0.15601.20072| 160176| 14-Sep-22| 08:01 \nsec15plc.config| policy.15.0.microsoft.office.securestoreservice.server.security.config| | 621| 14-Sep-22| 08:01 \nwsshelp.xml_1087| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nconversion.office.msptls.dll| msptls.dll| 16.0.15601.20072| 1771928| 14-Sep-22| 08:01 \nappcatalogfieldtemplate.js| appcatalogfieldtemplate.js| | 3695| 14-Sep-22| 08:01 \nconversion.msvcp140.dll| msvcp140.dll| | | 14-Sep-22| 08:01 \nsts_spclientnewux1dc3f20e82c9b047bfcd25d3f2118476| 112.image-gallery-light-box.js| | 7625| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.nlpoperators.dll| microsoft.ceres.contentengine.nlpoperators.dll| 16.0.15601.20072| 161704| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.external.core.dllmsil| microsoft.ceres.docparsing.external.core.dll| 16.0.15601.20072| 55168| 14-Sep-22| 08:01 \nsts_odspnextnewuxd4e250d5b17acbca5534712d8fedb971| odbonedrive.json| | 298801| 14-Sep-22| 08:01 \nmicrosoft.ceres.analysisengine.cmdlets.dll| microsoft.ceres.analysisengine.cmdlets.dll| 16.0.15601.20072| 35224| 14-Sep-22| 08:01 \nconversion.proof.mshy2_el.lex| mshy7el.lex| | 49664| 14-Sep-22| 08:01 \nmicrosoft.office.web.environment.officeserver.dll| microsoft.office.web.environment.officeserver.dll| 16.0.15601.20152| 75216| 14-Sep-22| 08:01 \nsts_odspnextnewuxdf192495e18fd01667a80b7f5657d569| odbtiles.js| | 248221| 14-Sep-22| 08:01 \nsplchkpg_js| spellcheckentirepage.js| | 6655| 14-Sep-22| 08:01 \nnl7models0011.dll_osssearch| nl7models0011.dll| 16.0.15601.20072| 7013376| 14-Sep-22| 08:01 \nmicrosoft.aspnet.odata.7.8.2.dll| microsoft.aspnet.odata.dll| 7.5.8.20430| 982416| 14-Sep-22| 08:01 \nnoteswebservice.dll.oss.x86| noteswebservice.dll| 16.0.15601.20080| 1015736| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.remoting.dll| microsoft.ceres.coreservices.remoting.dll| 16.0.15601.20072| 91040| 14-Sep-22| 08:01 \nsec14plc.config| policy.14.0.microsoft.office.securestoreservice.server.security.config| | 621| 14-Sep-22| 08:01 \ntimecard.debug.js| timecard.debug.js| | 37455| 14-Sep-22| 08:01 \nhelp.xml| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:01 \nsts_spclientnewuxa45c6b3ee0889b88b351550809dbaa2c| 119.17.js| | 3888| 14-Sep-22| 08:01 \nsts_odspnextnewux736776bec9f6c6dad2f7dda661dc3dfd| recyclebinreactcontrols.js| | 300138| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.utils.dll| microsoft.ceres.coreservices.utils.dll| 16.0.15601.20072| 90504| 14-Sep-22| 08:01 \nmicrosoft.office.server.workmanagement.exchange.dll| microsoft.office.server.workmanagement.exchange.dll| 16.0.15601.20072| 26568| 14-Sep-22| 08:01 \nosfserver_shared_dll| microsoft.sharepoint.workflowservicesbase.dll| 16.0.15601.20144| 98264| 14-Sep-22| 08:01 \nsts_odspnextnewuxc563bd732bac9201f0dcad0747118e6b| odbfiles.js| | 928795| 14-Sep-22| 08:01 \nsts_spclientnewux2eeb7d476cb82c53587f55013e4ef9d8| 24.sp-pages-statemanager.js| | 50865| 14-Sep-22| 08:01 \neditmenu_js| editingmenu.js| | 11361| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.transport.dll| microsoft.ceres.coreservices.transport.dll| 16.0.15601.20072| 60328| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.xps.dllmsil| microsoft.ceres.docparsing.formathandlers.xps.dll| 16.0.15601.20072| 40320| 14-Sep-22| 08:01 \nprm0015.bin_osssearch| prm0015.bin| | 23729664| 14-Sep-22| 08:01 \ncmis14_plc_core.config| policy.14.0.microsoft.sharepoint.cmis.core.config| | 600| 14-Sep-22| 08:01 \nmicrosoft.fileservices.v2.dll| microsoft.fileservices.v2.dll| 16.0.15601.20144| 968560| 14-Sep-22| 08:01 \nspdxap.dll| microsoft.sharepoint.appmonitoring.applicationpages.dll| 16.0.15601.20144| 75664| 14-Sep-22| 08:01 \nstslib.dll_0001| microsoft.sharepoint.library.dll| 16.0.15601.20072| 241056| 14-Sep-22| 08:01 \ncommonvalidation.debug.js| commonvalidation.debug.js| | 6758| 14-Sep-22| 08:01 \nfilepreview.js| filepreview.js| | 14046| 14-Sep-22| 08:01 \nfoldhyperlink.debug.js| foldhyperlink.debug.js| | 3924| 14-Sep-22| 08:01 \nlistview.js| listview.js| | 401334| 14-Sep-22| 08:01 \nsts_spclientnewuxbc91d6c569c48794c4b16339e0e9607c| 116.group-calendar-web-part-property-pane-configuration.js| | 3273| 14-Sep-22| 08:01 \nconversion.proof.mshy2_pl.dll| mshy7pl.dll| 16.0.15601.20072| 160168| 14-Sep-22| 08:01 \nmicrosoft.fileservices.serverstub.beta.dll| microsoft.fileservices.serverstub.beta.dll| 16.0.15601.20144| 88984| 14-Sep-22| 08:01 \ncmis14_plc_bindings.dll| policy.14.0.microsoft.sharepoint.cmis.bindings.dll| 16.0.15601.20072| 26144| 14-Sep-22| 08:01 \nmicrosoft.ceres.common.wcfutils.dllmsil| microsoft.ceres.common.wcfutils.dll| 16.0.15601.20072| 49048| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.eventhistory.dll| microsoft.ceres.coreservices.eventhistory.dll| 16.0.15601.20072| 42392| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.taxonomy.silverlight.dll.x64| microsoft.sharepoint.client.taxonomy.silverlight.dll| 16.0.15601.20072| 84984| 14-Sep-22| 08:01 \nsts_odspnextnewux8c0380eb9a20542616b7c1feeac0f995| odbonedrive.js| | 675323| 14-Sep-22| 08:01 \ncfw14plc.dll| policy.14.0.microsoft.office.server.search.connector.dll| 16.0.15601.20072| 26192| 14-Sep-22| 08:01 \nmicrosoft.ceres.analysisengine.operators.dllmsil| microsoft.ceres.analysisengine.operators.dll| 16.0.15601.20144| 120184| 14-Sep-22| 08:01 \ncmis14_plc_data.dll| policy.14.0.microsoft.sharepoint.cmis.data.dll| 16.0.15601.20072| 25664| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.tools.management.cmdlets.dll_1| microsoft.ceres.coreservices.tools.management.cmdlets.dll| 16.0.15601.20072| 62848| 14-Sep-22| 08:01 \nnl7models0404.dll_osssearch| nl7models0404.dll| 16.0.15601.20072| 9741392| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.owin.hosting.dll| microsoft.sharepoint.owin.hosting.dll| 16.0.15601.20072| 25000| 14-Sep-22| 08:01 \nspimgc.js| sp.ui.imagecrop.js| | 28399| 14-Sep-22| 08:01 \naccreqviewtmpl.js| accessrequestsviewtemplate.js| | 22933| 14-Sep-22| 08:01 \nwdsrv.conversion.sword.dll| sword.dll| 16.0.15601.20142| 17461608| 14-Sep-22| 08:01 \nsts_spclientnewuxc442a021160fd10976a5b8981a0f0d8e| 24.sp-pages-sitesseeall.js| | 10077| 14-Sep-22| 08:01 \ncfw15plc.config| policy.15.0.microsoft.office.server.search.connector.config| | 610| 14-Sep-22| 08:01 \nprm0414.bin_osssearch| prm0414.bin| | 25310208| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.operators.parsing.dll| microsoft.ceres.evaluation.operators.parsing.dll| 16.0.15601.20072| 74648| 14-Sep-22| 08:01 \nsrchquerypipeline.dll| microsoft.office.server.search.query.dll| 16.0.15601.20144| 1080792| 14-Sep-22| 08:01 \nmydocs.debug.js| mydocs.debug.js| | 73509| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.administration.applicationpages.dll| microsoft.office.project.server.administration.applicationpages.dll| 16.0.15601.20144| 55696| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.processing.builtin.dll| microsoft.ceres.contentengine.processing.builtin.dll| 16.0.15601.20072| 2636160| 14-Sep-22| 08:01 \nodffilt.dll.x64| odffilt.dll| 16.0.15601.20072| 1476040| 14-Sep-22| 08:01 \nspui_listsearchboxbootstrap.js| sp.ui.listsearchboxbootstrap.js| | 3070| 14-Sep-22| 08:01 \nps15lib.dll| policy.15.0.microsoft.office.project.server.library.dll| 16.0.15601.20072| 25656| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.operators.mars.dll| microsoft.ceres.contentengine.operators.mars.dll| 16.0.15601.20072| 47024| 14-Sep-22| 08:01 \nsp.simpleloggermobile.debug.js| sp.simpleloggermobile.debug.js| | 41022| 14-Sep-22| 08:01 \nvisioserver.vutils.dll| vutils.dll| 16.0.15601.20120| 2510696| 14-Sep-22| 08:01 \ncltsvr15.dll| policy.15.0.microsoft.sharepoint.client.serverruntime.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \nhierarchytaskslist.js| hierarchytaskslist.js| | 20088| 14-Sep-22| 08:01 \nconversion.concrt140.dll| concrt140.dll| | | 14-Sep-22| 08:01 \nmicrosoft.office.server.powerpoint.dll| microsoft.office.server.powerpoint.dll| 16.0.15601.20158| 129976| 14-Sep-22| 08:01 \nmicrosoft.ceres.external.contentapi.dll| microsoft.ceres.external.contentapi.dll| 16.0.15601.20072| 179072| 14-Sep-22| 08:01 \nprm0049.bin_osssearch| prm0049.bin| | 14161920| 14-Sep-22| 08:01 \nworkflowactivitiesdll| microsoft.office.project.server.workflowactivities.dll| 16.0.15601.20072| 65408| 14-Sep-22| 08:01 \nmicrosoft.ceres.nlpbase.dictionaries.dll| microsoft.ceres.nlpbase.dictionaries.dll| 16.0.15601.20072| 145296| 14-Sep-22| 08:01 \ndm14plc.dll| policy.14.0.microsoft.office.documentmanagement.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \noss15plc.dll| policy.15.0.microsoft.office.server.search.dll| 16.0.15601.20072| 25640| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.pwa.applicationpages.dll| microsoft.office.project.server.pwa.applicationpages.dll| 16.0.15601.20144| 1043424| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.excelgeneric.dllmsil| microsoft.ceres.docparsing.formathandlers.excelgeneric.dll| 16.0.15601.20072| 173976| 14-Sep-22| 08:01 \nmicrosoft.transformation.ut.dll| microsoft.transformation.ut.dll| 16.0.15601.20158| 55168| 14-Sep-22| 08:01 \nxlamocor.dll| microsoft.excel.amo.core.dll| 13.0.1605.913| 1310616| 14-Sep-22| 08:01 \nsts_spclientnewux43619dada632679945fb9803602ff4e5| 119.23.js| | 1345| 14-Sep-22| 08:01 \nportal.dll_001| microsoft.sharepoint.portal.dll| 16.0.15601.20144| 6864304| 14-Sep-22| 08:01 \nmrudocs.js| mrudocs.js| | 5864| 14-Sep-22| 08:01 \nsts_spclientnewux59e7e9a3603ea1a4ec0d3a97d86bfb12| sp-pagepicker.js| | 10027| 14-Sep-22| 08:01 \nsts_spclientnewuxb7c159038749343c1c4b0ec9f2deec4c| sp-pages-core.js| | 59146| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchanalytics.operators.dllmsil| microsoft.ceres.searchanalytics.operators.dll| 16.0.15601.20144| 317304| 14-Sep-22| 08:01 \nwdsrv.policy15.config| policy.15.0.microsoft.office.word.server.config| | 598| 14-Sep-22| 08:01 \nconversion.proof.mshy2_sk.lex| mshy7sk.lex| | 220160| 14-Sep-22| 08:01 \nowssvr.dll_0001| owssvr.dll| 16.0.15601.20072| 5866912| 14-Sep-22| 08:01 \nsts_spclientnewuxd06b22027fae659d53ac198990a2bb9a| sp-dragzone.js| | 8309| 14-Sep-22| 08:01 \nwsssetup.dll| wsssetup.dll| 16.0.15601.20142| 17536864| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.datamodel.dll| microsoft.ceres.evaluation.datamodel.dll| 16.0.15601.20072| 135056| 14-Sep-22| 08:01 \ntsk12plc.dll| policy.12.0.microsoft.office.workflow.tasks.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \nxlamo.dll| microsoft.excel.amo.dll| 13.0.1605.913| 692144| 14-Sep-22| 08:01 \nmysitecommondebug.js| sp.ui.mysitecommon.debug.js| | 131548| 14-Sep-22| 08:01 \nsts_odspnextnewuxbed2e8db2e84613293dad61e0584dfb2| sitehubexecutors.js| | 790051| 14-Sep-22| 08:01 \nwss14plc.dll| policy.14.0.microsoft.sharepoint.search.dll| 16.0.15601.20072| 25600| 14-Sep-22| 08:01 \nwdsrv.conversion.worker.config| wordserverworker.exe.config| | 2012| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.query.marslookupcomponent.dll| microsoft.ceres.searchcore.query.marslookupcomponent.dll| 16.0.15601.20072| 599952| 14-Sep-22| 08:01 \nrot12plc.dll| policy.12.0.microsoft.office.workflow.routing.dll| 16.0.15601.20072| 26184| 14-Sep-22| 08:01 \npowshl14.dll| policy.14.0.microsoft.sharepoint.powershell.dll| 16.0.15601.20072| 25616| 14-Sep-22| 08:01 \nclienttemplates.debug.js| clienttemplates.debug.js| | 399096| 14-Sep-22| 08:01 \nstsomdr.dll| microsoft.sharepoint.intl.dll| 16.0.15601.20072| 1444800| 14-Sep-22| 08:01 \nhierlist_js| hierarchicallistbox.js| | 30329| 14-Sep-22| 08:01 \ndm15plc.config| policy.15.0.microsoft.office.documentmanagement.config| | 605| 14-Sep-22| 08:01 \nbusdatar.dll.x64| microsoft.businessdata.dll| 16.0.15601.20072| 136192| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.interfaces.dll| microsoft.office.project.server.interfaces.dll| 16.0.15601.20144| 31632| 14-Sep-22| 08:01 \nws15am.config| policy.15.0.microsoft.sharepoint.appmanagement.config| | 604| 14-Sep-22| 08:01 \nclientforms.debug.js| clientforms.debug.js| | 156496| 14-Sep-22| 08:01 \nsp.ui.tileview.debug.js| sp.ui.tileview.debug.js| | 101283| 14-Sep-22| 08:01 \nwfa14plc.config| policy.14.0.microsoft.sharepoint.workflowactions.config| | 606| 14-Sep-22| 08:01 \nmicrosoft.office.project.server.events.receivers.dll| microsoft.office.project.server.events.receivers.dll| 16.0.15601.20144| 233840| 14-Sep-22| 08:01 \nsts_odspnextnewux71d8b89e6d9d95995887b0a27dbc8f99| listitemformscenario.js| | 905215| 14-Sep-22| 08:01 \nwsrchps.dll| microsoft.sharepoint.search.powershell.dll| 16.0.15601.20144| 35240| 14-Sep-22| 08:01 \nmicrosoft.office.server.workmanagement.dll| microsoft.office.server.workmanagement.dll| 16.0.15601.20144| 630184| 14-Sep-22| 08:01 \nnotificationpanel.debug.js| notificationpanel.debug.js| | 14102| 14-Sep-22| 08:01 \nspxwebribbon14plc.config| policy.14.0.microsoft.sharepoint.spx.website.ribbon.config| | 609| 14-Sep-22| 08:01 \nmswb7.dll_1054| mswb7001e.dll| 16.0.15601.20072| 863728| | \nmicrosoft.office.project.server.administration.dll| microsoft.office.project.server.administration.dll| 16.0.15601.20144| 1001360| 14-Sep-22| 08:01 \nspnativerequestmoduledll_0001| spnativerequestmodule.dll| | 66432| 14-Sep-22| 08:01 \nows.js| ows.js| | 376417| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.taxonomy.dll_gac| microsoft.sharepoint.taxonomy.dll| 16.0.15601.20144| 1722248| 14-Sep-22| 08:01 \nconversion.proof.mshy2_es.lex| mshy7es.lex| | 145920| 14-Sep-22| 08:01 \nmssrch.dll| mssrch.dll| 16.0.15601.20072| 3170232| 14-Sep-22| 08:01 \nmicrosoft.transformation.lcdr.dll| microsoft.transformation.lcdr.dll| 16.0.15601.20158| 57240| 14-Sep-22| 08:01 \nflt14plc.config| policy.14.0.microsoft.office.server.filtercontrols.config| | 608| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.documentmanagement.dll_gac.x64| microsoft.sharepoint.client.documentmanagement.dll| 16.0.15601.20072| 45024| 14-Sep-22| 08:01 \nprm0026.bin_osssearch| prm0026.bin| | 95092736| 14-Sep-22| 08:01 \nmicrosoft.office.sharepoint.tools.dll.x64| microsoft.office.sharepoint.tools.dll| 16.0.15601.20072| 107968| 14-Sep-22| 08:01 \nsts_spclientnewuxa2da2bac4f162d1cef3f8498550ed95e| 119.5.js| | 1036| 14-Sep-22| 08:01 \nconversion.proof.mshy2_cy.dll| mshy7cy.dll| 16.0.15601.20072| 160200| 14-Sep-22| 08:01 \npowshl15.dll| policy.15.0.microsoft.sharepoint.powershell.dll| 16.0.15601.20072| 25640| 14-Sep-22| 08:01 \nstsom.dll_0001| microsoft.sharepoint.dll| 16.0.15601.20144| 37359968| 14-Sep-22| 08:01 \nautohostedlicensingtemplates.js| autohostedlicensingtemplates.js| | 8989| 14-Sep-22| 08:01 \nmicrosoft.ceres.usageanalytics.operators.dllmsil| microsoft.ceres.usageanalytics.operators.dll| 16.0.15601.20144| 65416| 14-Sep-22| 08:01 \nsec15plc.dll| policy.15.0.microsoft.office.securestoreservice.server.security.dll| 16.0.15601.20072| 26232| 14-Sep-22| 08:01 \nifs15.dll| policy.15.0.microsoft.office.infopath.server.dll| 16.0.15601.20072| 25624| 14-Sep-22| 08:01 \nmsdym7.lex_osssearch| msdym7.lex| | 443392| 14-Sep-22| 08:01 \nsdk.microsoft.office.project.shared.dll| microsoft.office.project.shared.dll| 16.0.15601.20144| 1850224| 14-Sep-22| 08:01 \nmicrosoft.office.project.webproj.dll| microsoft.office.project.webproj.dll| 16.0.15601.20144| 797584| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.aliaslookup.dll| microsoft.ceres.contentengine.aliaslookup.dll| 16.0.15601.20072| 63912| 14-Sep-22| 08:01 \npol14plc.config| policy.14.0.microsoft.office.policy.config| | 593| 14-Sep-22| 08:01 \nprm0010.bin_osssearch| prm0010.bin| | 18482176| 14-Sep-22| 08:01 \nstswfacb.dll| microsoft.sharepoint.workflowactions.dll| 16.0.15601.20144| 324048| 14-Sep-22| 08:01 \np14vs.dll| policy.14.0.microsoft.office.visio.server.dll| 16.0.15601.20072| 25624| 14-Sep-22| 08:01 \nps15adm.config| policy.15.0.microsoft.office.project.server.administration.config| | 616| 14-Sep-22| 08:01 \nmicrosoft.projectserver.client.phone.dll| microsoft.projectserver.client.phone.dll| 16.0.15601.20072| 415136| 14-Sep-22| 08:01 \nmicrosoft.office.web.sandbox.dll| microsoft.office.web.sandbox.dll| 16.0.15601.20072| 728032| 14-Sep-22| 08:01 \nmicrosoft.ceres.coreservices.admin.dllmsil| microsoft.ceres.coreservices.admin.dll| 16.0.15601.20072| 34712| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.userprofiles.phone.dll.x64| microsoft.sharepoint.client.userprofiles.phone.dll| 16.0.15601.20072| 176088| 14-Sep-22| 08:01 \nps15sca.config| policy.15.0.microsoft.office.project.schema.config| | 601| 14-Sep-22| 08:01 \nosrcore.dll| osrcore.dll| 16.0.15601.20072| 948632| 14-Sep-22| 08:01 \ncmis15_plc_core.config| policy.15.0.microsoft.sharepoint.cmis.core.config| | 600| 14-Sep-22| 08:01 \nwffeature15plc.dll| policy.15.0.microsoft.office.workflow.feature.dll| 16.0.15601.20072| 26144| 14-Sep-22| 08:01 \nsts_spclientnewux45c199cda8c597c6b22274f4ccd6346b| tab-test-field-customizer.js| | 5718| 14-Sep-22| 08:01 \nsts_spclientnewux0bbc1a9825e04eb5a37f62f2a09d2dbf| sp-quick-links-webpart.js| | 95228| 14-Sep-22| 08:01 \nsharepointpub.dll| microsoft.sharepoint.publishing.dll| 16.0.15601.20144| 5287312| 14-Sep-22| 08:01 \nwdsrv.dll| microsoft.office.word.server.dll| 16.0.15601.20156| 353688| 14-Sep-22| 08:01 \nmicrosoft.office.policy.bargen.dll| microsoft.office.policy.barcode.generator.dll| 16.0.15601.20144| 34776| 14-Sep-22| 08:01 \nnl7data0804.dll_osssearch| nl7data0804.dll| 16.0.15601.20072| 3575880| 14-Sep-22| 08:01 \nsts_odspnextnewux759803f73d82cd669caf6d930c79a020| recyclebinexecutors.js| | 681285| 14-Sep-22| 08:01 \nmfc140ita.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140ita.dll| | 66424| 14-Sep-22| 08:01 \nclientforms.js| clientforms.js| | 79487| 14-Sep-22| 08:01 \njsgrid.gantt.debug.js| jsgrid.gantt.debug.js| | 110109| 14-Sep-22| 08:01 \nsp.ui.controls.js| sp.ui.controls.js| | 39729| 14-Sep-22| 08:01 \ncltrsrv.policy15.dll| policy.15.0.microsoft.office.client.translationservices.dll| 16.0.15601.20072| 26224| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.gif.dllmsil| microsoft.ceres.docparsing.formathandlers.gif.dll| 16.0.15601.20072| 31112| 14-Sep-22| 08:01 \nlaed.dll| laed.dll| 16.0.15601.20072| 170912| 14-Sep-22| 08:01 \nmicrosoft.office.server.conversions.dll| microsoft.office.server.conversions.dll| 16.0.15601.20144| 36816| 14-Sep-22| 08:01 \nclextn14.config| policy.14.0.microsoft.office.sharepoint.clientextensions.config| | 614| 14-Sep-22| 08:01 \nsts_spclientnewux3fd286c73a51e55671b2cf05ad879fe4| sp-component-layouts.js| | 203845| 14-Sep-22| 08:01 \nsppubint.dll| microsoft.sharepoint.publishing.intl.dll| 16.0.15601.20144| 361360| 14-Sep-22| 08:01 \nsts_spclientnewuxb9b92d246a2e41634cbea820644b4edc| 119.19.js| | 2500| 14-Sep-22| 08:01 \nconversion.proof.mshy2_nl.lex| mshy7nl.lex| | 1476608| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.serverruntime.dll| microsoft.sharepoint.client.serverruntime.dll| 16.0.15601.20072| 730104| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.publishing.dll.x64| microsoft.sharepoint.client.publishing.dll| 16.0.15601.20072| 82368| 14-Sep-22| 08:01 \nmicrosoft.ceres.searchcore.graphseedingmodel.dll| microsoft.ceres.searchcore.graphseedingmodel.dll| 16.0.15601.20072| 30632| 14-Sep-22| 08:01 \nmicrosoft.eedict_companies.no.dll| microsoft.eedict_companies.no| 16.0.15601.20158| 2108840| 14-Sep-22| 08:01 \nappcatalogfieldtemplate.debug.js| appcatalogfieldtemplate.debug.js| | 9638| 14-Sep-22| 08:01 \nsts_odspnextnewuxdc9ebd6c43507fcad50632f22cb166c4| splistexecutors.js| | 398572| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.runtime.dll_0001.x64| microsoft.sharepoint.client.runtime.dll| 16.0.15601.20072| 305080| 14-Sep-22| 08:01 \ndragdrop.debug.js| dragdrop.debug.js| | 237846| 14-Sep-22| 08:01 \nsp.ui.documentssharedbyme.js| sp.ui.documentssharedbyme.js| | 2212| 14-Sep-22| 08:01 \nsts_spclientnewux1415a0189689fde0901e2d1422eb80c4| 24.sp-pages-firstrun.js| | 21558| 14-Sep-22| 08:01 \ncontentdatabasecreate.sql| contentdatabasecreate.sql| | 8500968| 14-Sep-22| 08:01 \njsapiutils.debug.js| jsapiutils.debug.js| | 91546| 14-Sep-22| 08:01 \ndlcworkflowactions_dll| microsoft.office.workflow.actions.dll| 16.0.15601.20144| 158656| 14-Sep-22| 08:01 \nsharingmodern.js| sharingmodern.js| | 5807| 14-Sep-22| 08:01 \nmicrosoft.office.slidelibrary.dll| microsoft.office.slidelibrary.dll| 16.0.15601.20144| 32704| 14-Sep-22| 08:01 \nsts_odspnextnewux57f35b229017c79fd2db2964ca66fbca| odbsites.js| | 152208| 14-Sep-22| 08:01 \nmicrosoft_htmltrans_interface.dll| microsoft.htmltrans.interface.dll| 16.0.15601.20072| 29112| 14-Sep-22| 08:01 \nbar12plc.config| policy.12.0.microsoft.office.policy.barcode.generator.config| | 611| 14-Sep-22| 08:01 \nsts_spclientnewuxb3b4f7cd0e237860f1b8fdbe1372826e| sp-pages-assembly.js| | 2689736| 14-Sep-22| 08:01 \nmicrosoft.office.server.userprofiles.serverstub.dll_0001| microsoft.office.server.userprofiles.serverstub.dll| 16.0.15601.20144| 405336| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.search.applications.silverlight.dll.x64| microsoft.sharepoint.client.search.applications.silverlight.dll| 16.0.15601.20072| 30264| 14-Sep-22| 08:01 \nannouncementtilesdebug.js| sp.ui.announcementtiles.debug.js| | 14781| 14-Sep-22| 08:01 \nsharepointcmiscore_gac.dll| microsoft.sharepoint.cmis.core.dll| 16.0.15601.20144| 233880| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.component.dll| microsoft.ceres.contentengine.component.dll| 16.0.15601.20072| 311704| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.datamodel.types.dll| microsoft.ceres.evaluation.datamodel.types.dll| 16.0.15601.20072| 86400| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.engine.wcftransport.dll| microsoft.ceres.evaluation.engine.wcftransport.dll| 16.0.15601.20072| 37784| 14-Sep-22| 08:01 \nconversion.proof.mshy2_cr.dll| mshy7hr.dll| 16.0.15601.20072| 160192| 14-Sep-22| 08:01 \nconversion.proof.mshy2_lt.dll| mshy7lt.dll| 16.0.15601.20072| 160200| 14-Sep-22| 08:01 \nsts_odspnextnewux506c878c67f39538b69ab51117ced233| splistdeferredexpress.js| | 1681378| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.client.userprofiles.silverlight.dll.x64| microsoft.sharepoint.client.userprofiles.silverlight.dll| 16.0.15601.20072| 176144| 14-Sep-22| 08:01 \nmicrosoft.office.mhtexport.dll| microsoft.office.mhtexport.dll| 16.0.15601.20072| 38280| 14-Sep-22| 08:01 \nmicrosoft.fileservices.v1.dll| microsoft.fileservices.v1.dll| 16.0.15601.20144| 113032| 14-Sep-22| 08:01 \nblank.js| blank.js| | 456| 14-Sep-22| 08:01 \nsp.runtime.debug.js| sp.runtime.debug.js| | 196977| 14-Sep-22| 08:01 \nsts_spclientnewux5cc0db2f55fefc867180d5009f1537d8| 112.image-gallery-edit-mode.js| | 46616| 14-Sep-22| 08:01 \nsts_spclientnewux093af12649628a85d8e1459fd6bececd| 119.25.js| | 926| 14-Sep-22| 08:01 \nmicrosoft.ceres.evaluation.services.dll| microsoft.ceres.evaluation.services.dll| 16.0.15601.20072| 51080| 14-Sep-22| 08:01 \noschps.dll| microsoft.office.server.search.powershell.dll| 16.0.15601.20144| 315328| 14-Sep-22| 08:01 \nprm001f.bin_osssearch| prm001f.bin| | 16038400| 14-Sep-22| 08:01 \nsts_spclientnewux74efe837ca6ab8485f88cb384556a858| 119.21.js| | 2156| 14-Sep-22| 08:01 \nmicrosoft.projectserver.client.dll_001| microsoft.projectserver.client.dll| 16.0.15601.20144| 414688| 14-Sep-22| 08:01 \nkpilro.js| kpilro.js| | 3184| 14-Sep-22| 08:01 \nwffeature15plc.config| policy.15.0.microsoft.office.workflow.feature.config| | 603| 14-Sep-22| 08:01 \nmfc140jpn.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfc140jpn.dll| | 47992| 14-Sep-22| 08:01 \nspadmin.rsx| spadmin.resx| | 392694| 14-Sep-22| 08:01 \nsts_odspnextnewux4a79707daf48fcca13da03638a9e77b8| odbreactcontrols.js| | 603347| 14-Sep-22| 08:01 \nonesiteweblayoutxap_silverlightslideshowcontrol.xap| silverlightslideshowcontrol.xap| | 208144| 14-Sep-22| 08:01 \nmfc140kor.dll.f1670fca_6780_3657_9c04_af8005ac8143| mfc140kor.dll| | 46968| 14-Sep-22| 08:01 \nstore.xml| store.xml| | 8928897| 14-Sep-22| 08:01 \nmicrosoft.vroom.sharepoint.dll| microsoft.vroom.sharepoint.dll| 16.0.15601.20144| 610744| 14-Sep-22| 08:01 \nwsshelp.xml_1086| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nmicrosoft.cobaltcore.dll| microsoft.cobaltcore.dll| 16.0.15601.20072| 2977696| 14-Sep-22| 08:01 \nsharing.debug.js| sharing.debug.js| | 322361| 14-Sep-22| 08:01 \nwsshelp.xml_1026| microsoft.sharepoint.powershell.dll-help.xml| | | 14-Sep-22| 08:22 \nsptrns.dll| microsoft.sharepoint.translation.dll| 16.0.15601.20156| 1103264| 14-Sep-22| 08:01 \nlobigen.dll| microsoft.office.businessapplications.tools.autogen.dll| 16.0.15601.20072| 51072| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.datamodel.recordserializer.dll| microsoft.ceres.contentengine.datamodel.recordserializer.dll| 16.0.15601.20072| 59784| 14-Sep-22| 08:01 \nmicrofeeddebug.js| sp.ui.microfeed.debug.js| | 393708| 14-Sep-22| 08:01 \nmicrosoft.ceres.common.constants.dll| microsoft.ceres.common.constants.dll| 16.0.15601.20072| 27016| 14-Sep-22| 08:01 \nmquery.js| mquery.js| | 22616| 14-Sep-22| 08:01 \nsp.ui.allapps.debug.js| sp.ui.allapps.debug.js| | 45304| 14-Sep-22| 08:01 \nmicrosoft.ceres.contentengine.recordtype.dll| microsoft.ceres.contentengine.recordtype.dll| 16.0.15601.20072| 25992| 14-Sep-22| 08:01 \nmfcm140.dll.dfefc2fe_eee6_424c_841b_d4e66f0c84a3| mfcm140.dll| | 84856| 14-Sep-22| 08:01 \niiswbste.asc| iiswebsitesection.ascx| | 20064| 14-Sep-22| 08:01 \nmsasxmla.dll| microsoft.excel.xmla.dll| 13.0.1605.913| 666016| 14-Sep-22| 08:01 \nsts_spclientnewuxb54a115dc393186e6b847069529402c6| 119.22.js| | 2041| 14-Sep-22| 08:01 \nsts_spclientnewux7074c2bfed035bf8c2961cb2d5f6a4f3| 119.16.js| | 2437| 14-Sep-22| 08:01 \nsts_spclientnewuxf53d21e6809884092f46438aba3f5d97| 24.odsp-datasources.js| | 33246| 14-Sep-22| 08:01 \npol15plc.dll| policy.15.0.microsoft.office.policy.dll| 16.0.15601.20072| 25608| 14-Sep-22| 08:01 \nwdsrv.conversion.worker.dll| wdsrvworker.dll| 16.0.15601.20072| 110488| 14-Sep-22| 08:01 \nwffeature14plc.dll| policy.14.0.microsoft.office.workflow.feature.dll| 16.0.15601.20072| 26176| 14-Sep-22| 08:01 \napprequestmanagefieldtemplate.debug.js| apprequestmanagefieldtemplate.debug.js| | 2771| 14-Sep-22| 08:01 \nmicrosoft.ceres.docparsing.formathandlers.common.jpeg.dllmsil| microsoft.ceres.docparsing.formathandlers.common.jpeg.dll| 16.0.15601.20072| 139664| 14-Sep-22| 08:01 \nspdxappmanagement.dll| microsoft.sharepoint.appmanagement.dll| 16.0.15601.20144| 70536| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.publishing.serverstub.dll| microsoft.sharepoint.publishing.serverstub.dll| 16.0.15601.20144| 280592| 14-Sep-22| 08:01 \nactxprjlchr.js| activexwinprojlauncher.js| | 985| 14-Sep-22| 08:01 \nreputation.js| reputation.js| | 3430| 14-Sep-22| 08:01 \nmicrosoft.sharepoint.spx.webhosting.ribbon.dll| microsoft.sharepoint.spx.website.ribbon.dll| 16.0.15601.20144| 47104| 14-Sep-22| 08:01 \nps14plc.config| policy.14.0.microsoft.office.project.server.pwa.config| | 605| 14-Sep-22| 08:01 \nconversion.proof.mshy2_bg.dll| mshy7bg.dll| 16.0.15601.20072| 160208| 14-Sep-22| 08:01 \nstssoap.dll| stssoap.dl