Lucene search
MicrosoftVULNRICHMENT:CVE-2023-28247HistoryApr 11, 2023 - 7:13 p.m.
CVE-2023-28247 Windows Network File System Information Disclosure Vulnerability
2023-04-1119:13:47
CWE-191
microsoft
github.com
2
cve-2023-28247
windows
network file system
information disclosure
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
CNA Affected
[
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2019",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.17763.4252",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.17763.4252",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1668:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2022",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.20348.1668",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2016",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.14393.5850",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.14393.5850",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24216:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012",
"versions": [
{
"status": "affected",
"version": "6.2.0",
"lessThan": "6.2.9200.24216",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24216:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "6.2.0",
"lessThan": "6.2.9200.24216",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20919:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"versions": [
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.20919",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20919:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.20919",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
}
]Related
prion
prion
Information disclosure
2023-04-11 21:15:00
mscve
mscve
Windows Network File System Information Disclosure Vulnerability
2023-04-11 07:00:00
nvd
nvd
CVE-2023-28247
2023-04-11 21:15:24
cve
cve
CVE-2023-28247
2023-04-11 21:15:24
cvelist
cvelist
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5025285)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025287)
2023-04-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5025228)
2023-04-12 00:00:00
nessus
nessus
mskb
mskb
April 11, 2023âKB5025272 (Security-only update)
2023-04-11 07:00:00
April 11, 2023âKB5025287 (Monthly Rollup)
2023-04-11 07:00:00
April 11, 2023âKB5025288 (Security-only update)
2023-04-11 07:00:00
kaspersky
kaspersky
KLA48842 Multiple vulnerabilities in Microsoft Products (ESU)
2023-04-11 00:00:00
KLA48845 Multiple vulnerabilities in Microsoft Windows
2023-04-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2023
2023-04-11 22:49:56
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-28247