Assigner | microsoft |
Reserved | 2023-06-20 |
Published | 2023-11-14 |
Updated | 2024-06-10 |
Description
Windows Authentication Elevation of Privilege Vulnerability
HIGH: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Problem types
CWE-59: Improper Link Resolution Before File Access ('Link Following')
Product status
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.20348.2113
affected
10.0.0 before 10.0.20348.2091
affected
10.0.0 before 10.0.22000.2600
affected
10.0.0 before 10.0.19043.3693
affected
10.0.0 before 10.0.22621.2715
affected
10.0.0 before 10.0.19045.3693
affected
10.0.0 before 10.0.22631.2715
affected
10.0.0 before 10.0.22631.2715
affected
10.0.0 before 10.0.25398.531
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36047 (Windows Authentication Elevation of Privilege Vulnerability) vendor-advisory
cve.org CVE-2023-36047
nvd.nist.gov CVE-2023-36047
Download JSON