CVE-2023-36914

Опубликовано: 08 авг. 2023

Источник: msrc

CVSS3: 5.5

EPSS Низкий

Описание

Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability

FAQ

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass the Fast Identity Online (FIDO) secure authentication feature.

Обновления

Продукт	Статья	Обновление
Windows Server 2022	5029250 5029367	Security Update Security Hotpatch Update
Windows Server 2022 (Server Core installation)	5029250 5029367	Security Update Security Hotpatch Update
Windows 11 version 21H2 for x64-based Systems	5029253	Security Update
Windows 11 version 21H2 for ARM64-based Systems	5029253	Security Update
Windows 10 Version 21H2 for 32-bit Systems	5029244	Security Update
Windows 10 Version 21H2 for ARM64-based Systems	5029244	Security Update
Windows 10 Version 21H2 for x64-based Systems	5029244	Security Update
Windows 11 Version 22H2 for ARM64-based Systems	5029263	Security Update
Windows 11 Version 22H2 for x64-based Systems	5029263	Security Update
Windows 10 Version 22H2 for x64-based Systems	5029244	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 39%

0.00169

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-36914

CVSS3: 5.5

nvd

почти 2 года назад

Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability

GHSA-hfm3-j43v-9h2m

CVSS3: 5.5

github

почти 2 года назад

Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability

BDU:2023-04730

CVSS3: 5.5

fstec

почти 2 года назад

Уязвимость сервера управления ресурсами смарт-карт Smart Card Resource Management Server операционной системы Windows, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 39%

0.00169

Низкий

5.5 Medium

CVSS3