Lucene search
MicrosoftCVELIST:CVE-2023-35348HistoryJul 11, 2023 - 5:02 p.m.
CVE-2023-35348 Active Directory Federation Service Security Feature Bypass Vulnerability
2023-07-1117:02:53
CWE-522
microsoft
www.cve.org
1
cve-2023-35348
active directory
federation service
security
feature bypass
vulnerability
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.8%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Windows Server 2019",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2019 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.17763.4645",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2022",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1850:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.20348.1850",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Windows Server 2016 (Server Core installation)",
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "10.0.0",
"lessThan": "10.0.14393.6085",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Security feature bypass
2023-07-11 18:15:00
mscve
mscve
Active Directory Federation Service Security Feature Bypass Vulnerability
2023-07-11 07:00:00
nvd
nvd
CVE-2023-35348
2023-07-11 18:15:19
cve
cve
CVE-2023-35348
2023-07-11 18:15:19
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review
2023-07-11 20:30:33
nessus
nessus
mskb
mskb
July 11, 2023âKB5028169 (OS Build 14393.6085)
2023-07-11 07:00:00
July 11, 2023âKB5028171 (OS Build 20348.1850)
2023-07-11 07:00:00
July 11, 2023âKB5028168 (OS Build 17763.4645)
2023-07-11 07:00:00
kaspersky
kaspersky
KLA50774 Multiple vulnerabilities in Microsoft Windows
2023-07-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2023
2023-07-11 21:50:34
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.8%
Related for CVELIST:CVE-2023-35348