CVE-2022-21871

Published Jan 11, 2022

Last updated 3 months ago

CVSS high 7.8

Overview

Description: Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34732619-6387-49DD-ABF9-15CA8696D509",
            "versionEndExcluding": "15.9.44",
            "versionStartIncluding": "15.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "839813AB-6F4A-40E8-8914-652551499AC2",
            "versionEndExcluding": "16.7.25",
            "versionStartIncluding": "16.0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C149B5-F832-4108-8E81-069514FBAD0B",
            "versionEndExcluding": "16.9.17",
            "versionStartIncluding": "16.8"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "BCF9D462-E6B6-45D3-8E9F-788F2E646817",
            "versionEndExcluding": "10.0.10240.19177"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "9B6CEFAB-4D29-4427-8294-203A4A98F1AE",
            "versionEndExcluding": "10.0.10240.19177"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "010F22B5-38B1-4176-B7E8-BB8875B9787C",
            "versionEndExcluding": "10.0.14393.4886"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "4D852EB5-2456-429B-B1D8-DD57710DFE49",
            "versionEndExcluding": "10.0.14393.4886"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86E8ADB6-8720-454D-AAFE-C5B4C65EB462",
            "versionEndExcluding": "10.0.17763.2452"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2358BDB5-DB2B-4A60-A9F2-06F2CB0628EB",
            "versionEndExcluding": "10.0.18363.2037"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE8DAF46-1702-46D1-AAF3-CEFA567953D1",
            "versionEndExcluding": "10.0.19042.1466"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D4CB80E-5C0A-430C-9F56-9295EBBFD9C4",
            "versionEndExcluding": "10.0.19043.1466"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38105E41-F04D-444B-A9F7-51E94726E1E2",
            "versionEndExcluding": "10.0.19044.1466"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7048A3C3-6FB5-46FA-A709-4A51362E84B2",
            "versionEndExcluding": "10.0.22000.434"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server:2022:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE257836-4F4D-4352-8293-B9CAD34F8794"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A190388-AA82-4504-9D5A-624F23268C9F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References