Lucene search

MicrosoftMS:CVE-2021-28329

HistoryApr 13, 2021 - 7:00 a.m.

Remote Procedure Call Runtime Remote Code Execution Vulnerability

2021-04-1307:00:00

Microsoft

msrc.microsoft.com

microsoft

remote code execution

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

Affected configurations

Vulners

Node

microsoftwindows_10_1903_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2021-Apr

microsoftwindows_server_2016Range<2021-Apr

microsoftwindows_defender_on_windows_10_1607_for_x64-based_systemsRange<2021-Apr

microsoftwindows_defender_on_windows_10_1607_for_32-bit_systemsRange<2021-Apr

microsoftwindows_10_1903_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_server_20h2Range<2021-Apr

microsoftwindows_10_20h2Range<2021-Aprarm64

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_10_1903_for_x64-based_systemsRange<2021-Apr

microsoftwindows_server_version_2004Range<2021-Apr

microsoftwindows_10_2004_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_2004_for_arm64-based_systemsRange<2021-Apr

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_server\,_version_1909Range<2021-Apr

microsoftwindows_server_2012Range<2021-Aprr2

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2021-Apr

microsoftwindows_server_2012Range<2021-Apr

microsoftwindows_server_2008Range<2021-Aprr2x64

microsoftwindows_server_2008Range<2021-Aprx64

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2021-Apr

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_rt_8.1Range<2021-Apr

microsoftwindows_10_1903_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_2004_for_32-bit_systemsRange<2021-Apr

microsoftwindows_10_1909_for_arm64-based_systemsRange<2021-Apr

microsoftwindows_10_1909_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_1909_for_32-bit_systemsRange<2021-Apr

microsoftwindows_server\,_1803_\(server_core_installation\)Range<2021-Apr

microsoftwindows_server_2019Range<2021-Apr

microsoftwindows_10_1809_for_arm64-based_systemsRange<2021-Apr

microsoftwindows_10_1809_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_1809_for_32-bit_systemsRange<2021-Apr

microsoftwindows_10_1803_for_arm64-based_systemsRange<2021-Apr

microsoftwindows_10_1803_for_x64-based_systemsRange<2021-Apr

microsoftwindows_10_1803_for_32-bit_systemsRange<2021-Apr

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

Related for MS:CVE-2021-28329