Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA62329
HistoryDec 14, 2021 - 12:00 a.m.

KLA62329 ACE vulnerability in Microsoft Mariner

2021-12-1400:00:00
Kaspersky Lab
threats.kaspersky.com
9
spoofing vulnerability
microsoft mariner
malicious users
user interface
kb section
windows update
cbl mariner

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON

A spoofing vulnerability was found in Microsoft Mariner. Malicious users can exploit this vulnerability to spoof user interface.

Original advisories

CVE-2021-43896

Related products

CBL-Mariner-2.0

PowerShell

CVE list

CVE-2021-43896 warning

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • CBL Mariner

Related

vulnrichment 1
mscve 1
openvas 1
nvd 1
prion 1
cbl_mariner 2
cvelist 1
osv 1
cve 1
kaspersky 1
rapid7blog 1
vulnrichment
vulnrichment
CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability
2021-12-15 14:15:38
mscve
mscve
Microsoft PowerShell Spoofing Vulnerability
2021-12-14 08:00:00
openvas
openvas
Microsoft PowerShell Spoofing Vulnerability (Dec 2021) - Windows
2022-01-18 00:00:00
nvd
nvd
CVE-2021-43896
2021-12-15 15:15:11
prion
prion
Spoofing
2021-12-15 15:15:00
cbl_mariner
cbl_mariner
CVE-2021-43896 affecting package powershell 7.0.2-1
2022-01-10 03:59:21
CVE-2021-43896 affecting package powershell for versions less than 7.2.1-1
2022-04-14 19:39:54
cvelist
cvelist
CVE-2021-43896 Microsoft PowerShell Spoofing Vulnerability
2021-12-15 14:15:38
osv
osv
CVE-2021-43896
2021-12-15 15:15:11
cve
cve
CVE-2021-43896
2021-12-15 15:15:11
kaspersky
kaspersky
KLA12385 Multiple vulnerabilities in Microsoft Developer Tools
2021-12-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - December 2021
2021-12-14 22:12:53

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

5.4

Confidence

High

EPSS

0.003

Percentile

65.6%

JSON
Related for KLA62329
vulnrichment1mscve1openvas1nvd1prion1cbl_mariner2cvelist1osv1cve1kaspersky1rapid7blog1