Lucene search
HistoryMar 14, 2023 - 5:15 p.m.
CVE-2023-23392
cve-2023-23392
nvd
remote code execution
http protocol stack
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.4%
HTTP Protocol Stack Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_server_2022Range10.0.0β10.0.20348.1607
ORmicrosoftwindows_server_2022Range10.0.0β10.0.20348.1600
ORmicrosoftwindows_11_21h2Range10.0.0β10.0.22000.1696
ORmicrosoftwindows_11_22h2Range10.0.0β10.0.22621.1413
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1607:*:*:*:*:*:*:*",
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1600:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1607",
"versionType": "custom",
"status": "affected"
},
{
"version": "10.0.0",
"lessThan": "10.0.20348.1600",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 21H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1696:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.1696:*:*:*:*:*:arm64:*"
],
"platforms": [
"x64-based Systems",
"ARM64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22000.1696",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows 11 version 22H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1413:*:*:*:*:*:arm64:*",
"cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.1413:*:*:*:*:*:x64:*"
],
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.22621.1413",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Remote code execution
2023-03-14 17:15:00
mscve
mscve
HTTP Protocol Stack Remote Code Execution Vulnerability
2023-03-14 07:00:00
nvd
nvd
CVE-2023-23392
2023-03-14 17:15:12
cvelist
cvelist
CVE-2023-23392 HTTP Protocol Stack Remote Code Execution Vulnerability
2023-03-14 16:55:25
talosblog
talosblog
avleonov
avleonov
thn
thn
qualysblog
qualysblog
The MarchΒ 2023 Patch Tuesday Security Update Review
2023-03-15 00:08:07
nessus
nessus
KB5023698: Windows 11 version 21H2 Security Update (March 2023)
2023-03-14 00:00:00
KB5023706: Windows 11 version 22H2 Security Update (March 2023)
2023-03-14 00:00:00
KB5023705: Windows 2022 / Azure Stack HCI 22H2 Security Update (March 2023)
2023-03-14 00:00:00
mskb
mskb
March 14, 2023β KB5023786 (OS Build 20348.1602)
2023-03-14 07:00:00
March 14, 2023βKB5023705 (OS Build 20348.1607)
2023-03-14 07:00:00
March 14, 2023βKB5023698 (OS Build 22000.1696)
2023-03-14 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5023706)
2023-07-21 00:00:00
kaspersky
kaspersky
KLA48553 Multiple vulnerabilities in Microsoft Windows
2023-03-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - March 2023
2023-03-14 23:46:44
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.5 High
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.4%
Related for CVE-2023-23392