CVE-2021-34446 Windows HTML Platforms Security Feature Bypass Vulnerability

2021-07-1620:19:37
microsoft
www.cve.org
8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
8.4 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
77.9%
JSON
CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1809",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2061:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2061:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2061:*:*:*:*:*:arm64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems",
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.17763.2061",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2019",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2061:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.17763.2061",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1909",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1679:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1679:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1679:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems",
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.18363.1679",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 21H1",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1110:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1110:*:*:*:*:*:arm64:*",
      "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1110:*:*:*:*:*:x86:*"
    ],
    "platforms": [
      "x64-based Systems",
      "ARM64-based Systems",
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.19043.1110",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 2004",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1110:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "ARM64-based Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.19041.1110",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 20H2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1110:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1110:*:*:*:*:*:arm64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.19042.1110",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1507",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19003:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19003:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.10240.19003",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 10 Version 1607",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4530:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4530:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.4530",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2016",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "10.0.0",
        "lessThan": "10.0.14393.4530",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 7",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_7:6.1.7601.25661:sp1:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_7:1.001:sp1:*:*:*:*:x86:*"
    ],
    "platforms": [
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "6.1.0",
        "lessThan": "6.1.7601.25661",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.1.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 7 Service Pack 1",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_7:6.1.7601.25661:sp1:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_7:1.001:sp1:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.1.0",
        "lessThan": "6.1.7601.25661",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.1.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows 8.1",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20069:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_8.1:1.001:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20069:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_8.1:1.001:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20069:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems",
      "ARM64-based Systems"
    ],
    "versions": [
      {
        "version": "6.3.0",
        "lessThan": "6.3.9600.20069",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.3.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2008 Service Pack 2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21167:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_server_2008_sp2:1.001:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "6.0.0",
        "lessThan": "6.0.6003.21167",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.0.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2008  Service Pack 2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21167:*:*:*:*:*:x86:*",
      "cpe:2.3:o:microsoft:windows_server_2008_sp2:1.001:*:*:*:*:*:x86:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.0.0",
        "lessThan": "6.0.6003.21167",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.0.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2008 R2 Service Pack 1",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25661:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_server_2008_R2:1.001:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.1.0",
        "lessThan": "6.1.7601.25661",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.1.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23409:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_server_2012:1.001:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.2.0",
        "lessThan": "6.2.9200.23409",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.2.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows Server 2012 R2",
    "cpes": [
      "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20069:*:*:*:*:*:x64:*",
      "cpe:2.3:o:microsoft:windows_server_2012_R2:1.001:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "6.3.0",
        "lessThan": "6.3.9600.20069",
        "versionType": "custom",
        "status": "affected"
      },
      {
        "version": "6.3.0",
        "lessThan": "1.001",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]