Lucene search
HistoryJul 11, 2023 - 6:15 p.m.
CVE-2023-35346
cve-2023-35346
windows
dns
server
remote code execution
vulnerability
nvd
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.005
Percentile
75.9%
Windows DNS Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftwindows_server_2019Match10.0.17763.4645
Node
microsoftwindows_server_2019Match10.0.17763.4645
Node
microsoftwindows_server_2022Match10.0.20348.1850
Node
microsoftwindows_server_2016Match10.0.14393.6085
Node
microsoftwindows_server_2016Match10.0.14393.6085
Node
microsoftwindows_server_2008_sp2Match6.0.6003.22175sp2
Node
microsoftwindows_server_2008_sp2Match6.0.6003.22175sp2
Node
microsoftwindows_server_2008_sp2Match6.0.6003.22175sp2
Node
microsoftwindows_server_2008_r2_sp1Match6.1.7601.26623sp1
Node
microsoftwindows_server_2008_r2_sp1Match6.1.7601.26623sp1
Node
microsoftwindows_server_2012Match6.2.9200.24374
Node
microsoftwindows_server_2012Match6.2.9200.24374
Node
microsoftwindows_server_2012Match6.3.9600.21063r2
microsoftwindows_server_2012Match6.3.9600.21063r2
Node
microsoftwindows_server_2012Match6.3.9600.21063r2
microsoftwindows_server_2012Match6.3.9600.21063r2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2022 | * | cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_sp2 | * | cpe:2.3:o:microsoft:windows_server_2008_sp2:*:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008_r2_sp1 | * | cpe:2.3:o:microsoft:windows_server_2008_r2_sp1:*:sp1:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1850:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1850",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22175:*:*:*:*:*:x64:*"
],
"platforms": [
"32-bit Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22175",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22175:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22175:*:*:*:*:*:x86:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22175",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 Service Pack 2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.22175:*:*:*:*:*:x86:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.0.6003.22175",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26623:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.1.0",
"lessThan": "6.1.7601.26623",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.26623:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.0.0",
"lessThan": "6.1.7601.26623",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24374:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24374",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.24374:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.2.0",
"lessThan": "6.2.9200.24374",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2012 R2 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21063:*:*:*:*:*:x64:*",
"cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.21075:*:*:*:*:*:x64:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "6.3.0",
"lessThan": "6.3.9600.21063",
"versionType": "custom",
"status": "affected"
},
{
"version": "6.3.0",
"lessThan": "6.3.9600.21075",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2023-35346
2023-07-11 18:15:19
prion
prion
Remote code execution
2023-07-11 18:15:00
mscve
mscve
Windows DNS Server Remote Code Execution Vulnerability
2023-07-11 07:00:00
cvelist
cvelist
CVE-2023-35346 Windows DNS Server Remote Code Execution Vulnerability
2023-07-11 17:02:52
nessus
nessus
KB5028226: Windows Server 2008 Security Update (July 2023)
2023-07-11 00:00:00
KB5028224: Windows Server 2008 R2 Security Update (July 2023)
2023-07-11 00:00:00
KB5028233: Windows Server 2012 Security Update (July 2023)
2023-07-11 00:00:00
mskb
mskb
July 11, 2023âKB5028226 (Security-only update)
2023-07-11 07:00:00
July 11, 2023âKB5028222 (Monthly Rollup)
2023-07-11 07:00:00
July 11, 2023âKB5028224 (Security-only update)
2023-07-11 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5028240)
2023-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5028169)
2023-07-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5028168)
2023-07-12 00:00:00
kaspersky
kaspersky
KLA50775 Multiple vulnerabilities in Microsoft Products (ESU)
2023-07-11 00:00:00
KLA50774 Multiple vulnerabilities in Microsoft Windows
2023-07-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2023
2023-07-11 21:50:34
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0.005
Percentile
75.9%
Related for CVE-2023-35346