CVE-2023-23394 | THREATINT

Assigner	microsoft
Reserved	2023-01-11
Published	2023-03-14
Updated	2024-08-02

Description

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

MEDIUM: 5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Product status

10.0.0 before 10.0.17763.4131

affected

10.0.0 before 10.0.17763.4131

affected

10.0.0 before 10.0.17763.4131

affected

10.0.0 before 10.0.20348.1607

affected

10.0.0 before 10.0.20348.1602

affected

10.0.0 before 10.0.19042.2728

affected

10.0.0 before 10.0.22000.1696

affected

10.0.0 before 10.0.19044.2728

affected

10.0.0 before 10.0.22621.1413

affected

10.0.0 before 10.0.19045.2728

affected

10.0.0 before 10.0.10240.19805

affected

10.0.0 before 10.0.14393.5786

affected

10.0.0 before 10.0.14393.5786

affected

10.0.0 before 10.0.14393.5786

affected

6.0.0 before 6.0.6003.21966

affected

6.0.0 before 6.0.6003.21966

affected

6.0.0 before 6.0.6003.21966

affected

6.1.0 before 6.1.7601.26415

affected

6.0.0 before 6.1.7601.26415

affected

6.2.0 before 6.2.9200.24168

affected

6.2.0 before 6.2.9200.24168

affected

6.3.0 before 6.3.9600.20865

affected

6.3.0 before 6.3.9600.20865

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23394 (Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability) vendor-advisory

cve.org CVE-2023-23394

nvd.nist.gov CVE-2023-23394

Download JSON