Lucene search
HistoryAug 08, 2023 - 6:15 p.m.
CVE-2023-36900
windows
log file system
elevation
privilege
vulnerability
cve-2023-36900
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0
Percentile
10.4%
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Affected configurations
Node
microsoftwindows_10Range<10.0.10240.20107
ORmicrosoftwindows_10_1607Range<10.0.14393.6167
ORmicrosoftwindows_10_1809Range<10.0.17763.4737
ORmicrosoftwindows_10_21h2Range<10.0.19044.3324
ORmicrosoftwindows_10_22h2Range<10.0.19045.3324
ORmicrosoftwindows_11_21h2Range<10.0.22000.2295arm64
ORmicrosoftwindows_11_21h2Range<10.0.22000.2295x64
ORmicrosoftwindows_11_22h2Range<10.0.22621.2134arm64
ORmicrosoftwindows_11_22h2Range<10.0.22621.2134x64
ORmicrosoftwindows_server_2008Match-sp2
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2012Match-
ORmicrosoftwindows_server_2012Matchr2
ORmicrosoftwindows_server_2016Match-
ORmicrosoftwindows_server_2019Match-
ORmicrosoftwindows_server_2022Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_10 | * | cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1607 | * | cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:* |
| microsoft | windows_10_1809 | * | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:* |
| microsoft | windows_10_21h2 | * | cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:* |
| microsoft | windows_10_22h2 | * | cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_21h2 | * | cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:* |
| microsoft | windows_11_22h2 | * | cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:* |
| microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:* |
Related
zdi
zdi
githubexploit
githubexploit
Exploit for Integer Overflow or Wraparound in Microsoft
2023-11-08 10:39:19
mscve
mscve
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2023-08-08 07:00:00
cve
cve
CVE-2023-36900
2023-08-08 18:15:16
prion
prion
Privilege escalation
2023-08-08 18:15:00
cvelist
cvelist
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, August 2023 Security Update Review
2023-08-08 20:35:59
nessus
nessus
KB5029301: Windows Server 2008 Security Update (August 2023)
2023-08-08 00:00:00
KB5029304: Windows Server 2012 R2 Security Update (August 2023)
2023-08-08 00:00:00
KB5029308: Windows Server 2012 Security Update (August 2023)
2023-08-08 00:00:00
mskb
mskb
August 8, 2023—KB5029318 (Monthly Rollup)
2023-08-08 07:00:00
August 8, 2023—KB5029295 (Monthly Rollup)
2023-08-08 07:00:00
August 8, 2023—KB5029301 (Security-only update)
2023-08-08 07:00:00
talosblog
talosblog
Six critical vulnerabilities included in August’s Microsoft security update
2023-08-08 19:25:42
kaspersky
kaspersky
KLA51712 Multiple vulnerabilities in Microsoft Products (ESU)
2023-08-08 00:00:00
KLA51710 Multiple vulnerabilities in Microsoft Windows
2023-08-08 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5029242)
2023-08-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5029259)
2023-08-09 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5029244)
2023-08-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2023
2023-08-08 21:11:35
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0
Percentile
10.4%
Related for NVD:CVE-2023-36900