CVE-2022-38045

Опубликовано: 31 окт. 2022

Источник: msrc

CVSS3: 8.8

EPSS Низкий

Описание

Windows Server Service Elevation of Privilege Vulnerability

FAQ

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must be authenticated to be able to exploit this vulnerability.

Обновления

Продукт	Статья	Обновление
Windows Server 2012	5018457 5018478	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5018457 5018478	Monthly Rollup Security Only
Windows 8.1 for 32-bit systems	5018474 5018476	Monthly Rollup Security Only
Windows 8.1 for x64-based systems	5018474 5018476	Monthly Rollup Security Only
Windows Server 2012 R2	5018474 5018476	Monthly Rollup Security Only
Windows RT 8.1	5018474	-
Windows Server 2012 R2 (Server Core installation)	5018474 5018476	Monthly Rollup Security Only
Windows 10 for 32-bit Systems	5018425	Security Update
Windows 10 for x64-based Systems	5018425	Security Update
Windows Server 2016	5018411	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 90%

0.06112

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2022-38045

CVSS3: 8.8

nvd

около 3 лет назад

Windows Server Service Elevation of Privilege Vulnerability

GHSA-x4cp-qc28-2pqp

CVSS3: 8.8

github

около 3 лет назад

Server Service Remote Protocol Elevation of Privilege Vulnerability.

BDU:2022-07149

CVSS3: 8.8

fstec

около 3 лет назад

Уязвимость службы Windows Server операционной системы Windows, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 90%

0.06112

Низкий

8.8 High

CVSS3