Lucene search
MicrosoftVULNRICHMENT:CVE-2023-35308HistoryJul 11, 2023 - 5:03 p.m.
CVE-2023-35308 Windows MSHTML Platform Security Feature Bypass Vulnerability
2023-07-1117:03:25
CWE-73
microsoft
github.com
7
cve-2023-35308
windows
mshtml
platform security
bypass
vulnerability
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
51.8%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
CNA Affected
[
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4645:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4645:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4645:*:*:*:*:*:arm64:*"
],
"vendor": "Microsoft",
"product": "Windows 10 Version 1809",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom"
}
],
"platforms": [
"32-bit Systems",
"x64-based Systems",
"ARM64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2019",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1850:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2022",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.20348.1850",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2176:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2176:*:*:*:*:*:arm64:*"
],
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.22000.2176",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3208:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3208:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.3208:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows 10 Version 21H2",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.19044.3208",
"versionType": "custom"
}
],
"platforms": [
"32-bit Systems",
"ARM64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1992:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1992:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.22621.1992",
"versionType": "custom"
}
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3208:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3208:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.3208:*:*:*:*:*:x86:*"
],
"vendor": "Microsoft",
"product": "Windows 10 Version 22H2",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.19045.3208",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20048:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20048:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows 10 Version 1507",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.10240.20048",
"versionType": "custom"
}
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6085:*:*:*:*:*:x86:*",
"cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6085:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows 10 Version 1607",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom"
}
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2016",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:1.001:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"versions": [
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.3.0",
"lessThan": "1.001",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:1.001:*:*:*:*:*:x64:*"
],
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"versions": [
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.3.0",
"lessThan": "1.001",
"versionType": "custom"
}
],
"platforms": [
"x64-based Systems"
]
}
]Related
prion
prion
Security feature bypass
2023-07-11 18:15:00
cve
cve
CVE-2023-35308
2023-07-11 18:15:17
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5028186)
2023-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5028166)
2023-07-12 00:00:00
mscve
mscve
Windows MSHTML Platform Security Feature Bypass Vulnerability
2023-07-11 07:00:00
cvelist
cvelist
CVE-2023-35308 Windows MSHTML Platform Security Feature Bypass Vulnerability
2023-07-11 17:03:25
nvd
nvd
CVE-2023-35308
2023-07-11 18:15:17
mskb
mskb
KB5028167: Cumulative security update for Internet Explorer: July 11, 2023
2023-07-11 07:00:00
July 11, 2023âKB5028186 (OS Build 10240.20048)
2023-07-11 07:00:00
July 11, 2023âKB5028223 (Security-only update)
2023-07-11 07:00:00
nessus
nessus
KB5028186: Windows 10 LTS 1507 Security Update (July 2023)
2023-07-11 00:00:00
KB5028223: Windows Server 2012 R2 Security Update (July 2023)
2023-07-11 00:00:00
kaspersky
kaspersky
KLA50775 Multiple vulnerabilities in Microsoft Products (ESU)
2023-07-11 00:00:00
KLA50774 Multiple vulnerabilities in Microsoft Windows
2023-07-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2023
2023-07-11 21:50:34
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
51.8%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-35308