CVE-2023-21549

Published Jan 10, 2023
Last updated 6 months ago
Overview

Description: Windows SMB Witness Service Elevation of Privilege Vulnerability
Source: secure@microsoft.com
NVD status: Modified
Hype score: Not currently trending
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
Weaknesses

nvd@nist.gov: CWE-269
secure@microsoft.com: CWE-285
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "E4150CE0-6A16-4C62-989B-840EF7880C36"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "83C0919F-C4C8-45AE-BDA8-4D88BF0450D5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "47D30450-851A-4C4E-9116-8CFCE5CFA276"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
            "vulnerable": true,
            "matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "06BBFA69-94E2-4BAB-AFD3-BC434B11D106"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "C936FD4F-959C-43B8-9917-E2A0DF4A8793"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References
