CVE-2023-29355

Опубликовано: 13 июн. 2023

Источник: msrc

CVSS3: 5.3

EPSS Низкий

Описание

DHCP Server Service Information Disclosure Vulnerability

Меры по смягчению последствий

The following mitigating factors might be helpful in your situation:

Customers who have not configured their DHCP server as a failover are not affected by this vulnerability.

FAQ

What type of information could be disclosed by this vulnerability?

The attacker might be able to guess the DHCP server's IP addresses pool information, which would otherwise not be disclosed.

Обновления

Продукт	Статья	Обновление
Windows Server 2012	5027283 5027281	Monthly Rollup Security Only
Windows Server 2012 (Server Core installation)	5027283 5027281	Monthly Rollup Security Only
Windows Server 2012 R2	5027271 5027282	Monthly Rollup Security Only
Windows Server 2012 R2 (Server Core installation)	5027271 5027282	Monthly Rollup Security Only
Windows Server 2016	5027219	Security Update
Windows Server 2016 (Server Core installation)	5027219	Security Update
Windows Server 2019	5027222	Security Update
Windows Server 2019 (Server Core installation)	5027222	Security Update
Windows Server 2022	5027225 5027319	Security Update Security Hotpatch Update
Windows Server 2022 (Server Core installation)	5027225 5027319	Security Update Security Hotpatch Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 80%

0.01431

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2023-29355

CVSS3: 5.3

nvd

около 2 лет назад

DHCP Server Service Information Disclosure Vulnerability

GHSA-frpc-mxvh-f9w7

CVSS3: 5.3

github

около 2 лет назад

DHCP Server Service Information Disclosure Vulnerability

BDU:2023-03335

CVSS3: 5.3

fstec

около 2 лет назад

Уязвимость службы DHCP-сервера операционных систем Windows, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 80%

0.01431

Низкий

5.3 Medium

CVSS3