fkie_cve-2022-23278
Vulnerability from fkie_nvd
Published
2022-03-09 17:15
Modified
2024-11-21 06:48
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Microsoft Defender for Endpoint Spoofing Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | defender_for_endpoint_edr_sensor | * | |
microsoft | windows_server_2012 | r2 | |
microsoft | windows_server_2016 | - | |
microsoft | defender_for_endpoint | - | |
microsoft | windows_10 | 20h2 | |
microsoft | windows_10 | 21h1 | |
microsoft | windows_10 | 21h2 | |
microsoft | windows_10 | 1809 | |
microsoft | windows_10 | 1909 | |
microsoft | windows_11 | - | |
microsoft | windows_11 | - | |
microsoft | windows_server | 20h2 | |
microsoft | windows_server | 2022 | |
microsoft | windows_server_2019 | - | |
microsoft | defender_for_endpoint | - | |
linux | linux_kernel | - | |
apple | macos | - | |
android | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:defender_for_endpoint_edr_sensor:*:*:*:*:*:*:*:*", "matchCriteriaId": "94C76B85-1113-4CBE-B112-471E98E007B3", "versionEndExcluding": "10.8047.22439.1056", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:defender_for_endpoint:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C9118F2-2432-43F6-A08B-90A568D12777", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "matchCriteriaId": "9E2C378B-1507-4C81-82F6-9F599616845A", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*", "matchCriteriaId": "FAE4278F-71A7-43E9-8F79-1CBFAE71D730", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*", "matchCriteriaId": "71E65CB9-6DC2-4A90-8C6A-103BEDC99823", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "matchCriteriaId": "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "matchCriteriaId": "E9273B95-20ED-4547-B0A8-95AD15B30372", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*", "matchCriteriaId": "B9F64296-66BF-4F1D-A11C-0C44C347E2AC", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*", "matchCriteriaId": "5D7F7DDB-440E-42CD-82F4-B2C13F3CC462", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*", "matchCriteriaId": "1EAF6DBA-6E3A-4854-BFBF-B5DC36CE5929", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server:2022:*:*:*:*:*:*:*", "matchCriteriaId": "BE257836-4F4D-4352-8293-B9CAD34F8794", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:defender_for_endpoint:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C9118F2-2432-43F6-A08B-90A568D12777", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1", "vulnerable": false }, { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Microsoft Defender for Endpoint Spoofing Vulnerability" }, { "lang": "es", "value": "Una vulnerabilidad de Suplantaci\u00f3n de Identidad de Microsoft Defender for Endpoint" } ], "id": "CVE-2022-23278", "lastModified": "2024-11-21T06:48:18.743", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "secure@microsoft.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Secondary" } ] }, "published": "2022-03-09T17:15:11.210", "references": [ { "source": "secure@microsoft.com", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278" } ], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…