Lucene search
HistoryMay 10, 2022 - 9:15 p.m.
CVE-2022-29106
cve
2022
windows
hyper-v
shared virtual disk
elevation of privilege
vulnerability
nvd
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.6%
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftwindows_server_2019Range10.0.0â10.0.17763.2928
ORmicrosoftwindows_server_2019Range10.0.0â10.0.17763.2928
ORmicrosoftwindows_server_2022Range10.0.0â10.0.20348.707
ORmicrosoftwindows_server_20h2Range10.0.0â10.0.19042.1706
ORmicrosoftwindows_server_2016Range10.0.0â10.0.14393.5125
ORmicrosoftwindows_server_2016Range10.0.0â10.0.14393.5125
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_20h2 | * | cpe:2.3:o:microsoft:windows_server_20h2:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2928:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.2928",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2928:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.2928",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.707:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.707",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server version 20H2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1706:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.19042.1706",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5125",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.5125",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
mscve
mscve
Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
2022-05-10 08:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-29106
2022-05-10 21:15:11
prion
prion
Privilege escalation
2022-05-10 21:15:00
nessus
nessus
KB5013952: Windows 10 Version 1607 and Windows Server 2016 Security Update (May 2022)
2022-05-10 00:00:00
KB5013944: Windows Server 2022 Security Update (May 2022)
2022-05-10 00:00:00
KB5013942: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (May 2022)
2022-05-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5013952)
2022-05-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5013942)
2022-05-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5013941)
2022-05-11 00:00:00
mskb
mskb
May 10, 2022âKB5013952 (OS Build 14393.5125)
2022-05-12 07:00:00
May 10, 2022âKB5013941 (OS Build 17763.2928)
2022-06-14 07:00:00
May 10, 2022âKB5013942 (OS Builds 19042.1706, 19043.1706, and 19044.1706)
2022-06-14 07:00:00
kaspersky
kaspersky
KLA12526 Multiple vulnerabilities in Microsoft Windows
2022-05-10 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2022
2022-05-10 19:59:20
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.6%
Related for CVE-2022-29106