exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2022-32230

почти 4 года назад

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.

CVSS3: 7.5

EPSS: Средний

CVE-2022-32230

почти 4 года назад

Windows SMB Denial of Service Vulnerability

EPSS: Средний

GHSA-cgqq-pmpm-6gmx

почти 4 года назад

Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.

CVSS3: 7.5

EPSS: Средний

BDU:2022-03537

почти 4 года назад

Уязвимость реализации сетевого протокола Windows SMB операционной системы Microsoft Windows, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-32230 Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.	CVSS3: 7.5	29% Средний	почти 4 года назад
CVE-2022-32230 Windows SMB Denial of Service Vulnerability		29% Средний	почти 4 года назад
GHSA-cgqq-pmpm-6gmx Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.	CVSS3: 7.5	29% Средний	почти 4 года назад
BDU:2022-03537 Уязвимость реализации сетевого протокола Windows SMB операционной системы Microsoft Windows, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	29% Средний	почти 4 года назад

Уязвимостей на страницу