Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-26426
HistoryAug 12, 2021 - 6:15 p.m.

CVE-2021-26426

2021-08-1218:15:08
CWE-59
[email protected]
web.nvd.nist.gov
8
windows
user account
profile picture
elevation of privilege
vulnerability

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.0%

JSON

Windows User Account Profile Picture Elevation of Privilege Vulnerability

Affected configurations

Nvd
Node
microsoftwindows_10Match-
OR
microsoftwindows_10Match20h2
OR
microsoftwindows_10Match21h1
OR
microsoftwindows_10Match1607
OR
microsoftwindows_10Match1809
OR
microsoftwindows_10Match1909
OR
microsoftwindows_10Match2004
OR
microsoftwindows_7Match-sp1
OR
microsoftwindows_8.1Match-
OR
microsoftwindows_rt_8.1Match-
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2016Match20h2
OR
microsoftwindows_server_2016Match2004
OR
microsoftwindows_server_2019Match-
VendorProductVersionCPE
microsoftwindows_10-cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
microsoftwindows_1020h2cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*
microsoftwindows_1021h1cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*
microsoftwindows_101607cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
microsoftwindows_101809cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
microsoftwindows_101909cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*
microsoftwindows_102004cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
microsoftwindows_8.1-cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
microsoftwindows_rt_8.1-cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

Related

cve 1
prion 1
zdi 1
cvelist 1
mscve 1
mskb 9
nessus 7
openvas 6
kaspersky 1
qualysblog 1
rapid7blog 1
cve
cve
CVE-2021-26426
2021-08-12 18:15:08
prion
prion
Privilege escalation
2021-08-12 18:15:00
zdi
zdi
Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability
2021-08-11 00:00:00
cvelist
cvelist
CVE-2021-26426 Windows User Account Profile Picture Elevation of Privilege Vulnerability
2021-08-12 18:11:36
mscve
mscve
Windows User Account Profile Picture Elevation of Privilege Vulnerability
2021-08-10 07:00:00
mskb
mskb
August 10, 2021—KB5005094 (Security-only update)
2021-08-10 07:00:00
August 10, 2021—KB5005099 (Monthly Rollup)
2021-08-10 07:00:00
August 10, 2021—KB5005106 (Security-only update)
2021-08-10 07:00:00
nessus
nessus
KB5005094: Windows Server 2012 Security Update (August 2021)
2021-08-10 00:00:00
KB5005106: Windows 8.1 and Windows Server 2012 R2 Security Update (August 2021)
2021-08-10 00:00:00
KB5005040: Windows 10 version 1507 LTS Security Update (August 2021)
2021-08-10 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5005076)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005040)
2021-08-11 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5005043)
2021-08-11 00:00:00
kaspersky
kaspersky
KLA12259 Multiple vulnerabilities in Microsoft Windows
2021-08-10 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday (August 2021) – Microsoft 51 Vulnerabilities with 7 Critical, Adobe 29 Vulnerabilities
2021-08-10 19:58:49
rapid7blog
rapid7blog
Patch Tuesday - August 2021
2021-08-11 03:19:33

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.0%

JSON
Related for NVD:CVE-2021-26426
cve1prion1zdi1cvelist1mscve1mskb9nessus7openvas6kaspersky1qualysblog1rapid7blog1