Description
Windows Credential Manager User Interface Elevation of Privilege Vulnerability
Reserved 2022-12-13 | Published 2023-01-10 | Updated 2025-01-01 | Assigner
microsoftHIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-257: Storing Passwords in a Recoverable Format
Product status
10.0.17763.0 before 10.0.17763.3887
affected
10.0.0 before 10.0.17763.3887
affected
10.0.17763.0 before 10.0.17763.3887
affected
10.0.17763.0 before 10.0.17763.3887
affected
10.0.20348.0 before 10.0.20348.1487
affected
10.0.0 before 10.0.19042.2486
affected
10.0.0 before 10.0.22000.1455
affected
10.0.19043.0 before 10.0.19044.2486
affected
10.0.22621.0 before 10.0.22621.1105
affected
10.0.19045.0 before 10.0.19045.2486
affected
10.0.10240.0 before 10.0.10240.19685
affected
10.0.14393.0 before 10.0.14393.5648
affected
10.0.14393.0 before 10.0.14393.5648
affected
10.0.14393.0 before 10.0.14393.5648
affected
6.1.0 before 6.1.7601.26321
affected
6.1.0 before 6.1.7601.26321
affected
6.3.0 before 6.3.9600.20778
affected
6.0.6003.0 before 6.0.6003.21872
affected
6.0.6003.0 before 6.0.6003.21872
affected
6.0.6003.0 before 6.0.6003.21872
affected
6.1.7601.0 before 6.1.7601.26321
affected
6.1.7601.0 before 6.1.7601.26321
affected
6.2.9200.0 before 6.2.9200.24075
affected
6.2.9200.0 before 6.2.9200.24075
affected
6.3.9600.0 before 6.3.9600.20778
affected
6.3.9600.0 before 6.3.9600.20778
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21726 (Windows Credential Manager User Interface Elevation of Privilege Vulnerability) vendor-advisory
cve.org (CVE-2023-21726)
nvd.nist.gov (CVE-2023-21726)
Download JSON
Subscribe to our newsletter to learn more about our work.
