Lucene search
MicrosoftMS:CVE-2022-21961HistoryJan 11, 2022 - 8:00 a.m.
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
2022-01-1108:00:00
Microsoft
msrc.microsoft.com
25
refs
remote code execution
vulnerability
microsoft
windows
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
6.8
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0.039
Percentile
92.2%
Affected configurations
Node
microsoftwindows_server_2012Range<6.3.9600.20246r2
ORmicrosoftwindows_server_2012Range<6.3.9600.20246r2
ORmicrosoftwindows_server_2012Range<6.3.9600.20246r2
ORmicrosoftwindows_server_2012Range<6.3.9600.20246r2
ORmicrosoftwindows_server_2012Range<6.2.9200.23584
ORmicrosoftwindows_server_2012Range<6.2.9200.23584
ORmicrosoftwindows_server_2012Range<6.2.9200.23584
ORmicrosoftwindows_server_2012Range<6.2.9200.23584
ORmicrosoftwindows_rt_8.1Range<6.3.9600.20246
ORmicrosoftwindows_8.1Range<6.3.9600.20246
ORmicrosoftwindows_8.1Range<6.3.9600.20246
ORmicrosoftwindows_8.1Range<6.3.9600.20246
ORmicrosoftwindows_8.1Range<6.3.9600.20246
ORmicrosoftwindows_server_2016Range<10.0.14393.4886
ORmicrosoftwindows_server_2016Range<10.0.14393.4886
ORmicrosoftwindows_10_1607Range<10.0.14393.4886
ORmicrosoftwindows_10_1607Range<10.0.14393.4886
ORmicrosoftwindows_10_1507Range<10.0.10240.19177
ORmicrosoftwindows_10_1909Range<10.0.18363.2037
ORmicrosoftwindows_10_1909Range<10.0.18363.2037
ORmicrosoftwindows_server_2019Range<10.0.17763.2452
ORmicrosoftwindows_server_2019Range<10.0.17763.2452
ORmicrosoftwindows_10_1809Range<10.0.17763.2452
ORmicrosoftwindows_10_1809Range<10.0.17763.2452
ORmicrosoftwindows_10_1809Range<10.0.17763.2452
ORmicrosoftwindows_10_1507Range<10.0.10240.19177
ORmicrosoftwindows_10_21h2Range<10.0.19044.1466
ORmicrosoftwindows_10_21h2Range<10.0.19044.1466
ORmicrosoftwindows_10_21h2Range<10.0.19044.1466
ORmicrosoftwindows_11_21h2Range<10.0.22000.434
ORmicrosoftwindows_11_21h2Range<10.0.22000.434
ORmicrosoftwindows_server_20h2Range<10.0.19042.1466
ORmicrosoftwindows_10_20h2Range<10.0.19042.1466
ORmicrosoftwindows_10_20h2Range<10.0.19042.1466
ORmicrosoftwindows_server_2022Range<10.0.20348.469
ORmicrosoftwindows_server_2022Range<10.0.20348.469
ORmicrosoftwindows_10_21h1Range<10.0.19043.1466
ORmicrosoftwindows_10_21h1Range<10.0.19043.1466
ORmicrosoftwindows_10_21h1Range<10.0.19043.1466
ORmicrosoftwindows_10_1809Range<10.0.18363.2037
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:* |
| microsoft | windows_server_2012 | * | cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:* |
| microsoft | windows_rt_8.1 | * | cpe:2.3:o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:* |
| microsoft | windows_8.1 | * | cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2016 | * | cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1909 | * | cpe:2.3:o:microsoft:windows_10_1909:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2019 | * | cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
Related
prion
prion
Remote code execution
2022-01-11 21:15:00
nvd
nvd
CVE-2022-21961
2022-01-11 21:15:14
cve
cve
CVE-2022-21961
2022-01-11 21:15:14
cvelist
cvelist
mskb
mskb
January 11, 2022âKB5009586 (Monthly Rollup)
2022-01-11 08:00:00
January 11, 2022âKB5009619 (Security-only update)
2022-01-11 08:00:00
January 11, 2022âKB5009624 (Monthly Rollup)
2022-01-11 08:00:00
nessus
nessus
kaspersky
kaspersky
KLA12423 Multiple vulnerabilities in Microsoft Products (ESU)
2022-01-11 00:00:00
KLA12422 Multiple vulnerabilities in Microsoft Windows
2022-01-11 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5009624)
2022-01-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5009585)
2022-01-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5009546)
2022-01-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - January 2022
2022-01-11 21:41:56
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
6.8
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.7
Confidence
High
EPSS
0.039
Percentile
92.2%
Related for MS:CVE-2022-21961