Lucene search
HistoryDec 12, 2023 - 6:15 p.m.
CVE-2023-36004
windows
dpapi
spoofing
vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
58.7%
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
Affected configurations
Node
microsoftwindows_10_1507Range<10.0.10240.20345
ORmicrosoftwindows_10_1607Range<10.0.14393.6529
ORmicrosoftwindows_10_1809Range<10.0.17763.5206
ORmicrosoftwindows_10_21h2Range<10.0.19041.3803
ORmicrosoftwindows_10_22h2Range<10.0.19045.3803
ORmicrosoftwindows_11_21h2Range<10.0.22000.2652
ORmicrosoftwindows_11_22h2Range<10.0.22621.2861
ORmicrosoftwindows_11_23h2Range<10.0.22631.2861
ORmicrosoftwindows_server_2008Match-sp2
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2019Match-
ORmicrosoftwindows_server_2022Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10_1507 | * | cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_23h2 | * | cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
| microsoft | windows_server_2008 | r2 | cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:* |
Related
mscve
mscve
cve
cve
CVE-2023-36004
2023-12-12 18:15:20
prion
prion
Spoofing
2023-12-12 18:15:00
cvelist
cvelist
nessus
nessus
KB5033427: Windows Server 2008 Security Update (December 2023)
2023-12-12 00:00:00
KB5033372: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (December 2023)
2023-12-12 00:00:00
KB5033379: Windows 10 LTS 1507 Security Update (December 2023)
2023-12-12 00:00:00
mskb
mskb
December 12, 2023โKB5033422 (Monthly Rollup)
2023-12-12 08:00:00
December 12, 2023โKB5033427 (Security-only update)
2023-12-12 08:00:00
December 12, 2023โKB5033424 (Security-only update)
2023-12-12 08:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5033379)
2023-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5033372)
2023-12-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5033369)
2023-12-13 00:00:00
kaspersky
kaspersky
KLA62389 Multiple vulnerabilities in Microsoft Products (ESU)
2023-12-12 00:00:00
KLA62388 Multiple vulnerabilities in Microsoft Windows
2023-12-12 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - December 2023
2023-12-12 21:06:54
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
58.7%
Related for NVD:CVE-2023-36004