Assigner | microsoft |
Reserved | 2023-06-21 |
Published | 2023-11-14 |
Updated | 2024-06-07 |
Description
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
HIGH: 8.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Problem types
CWE-122: Heap-based Buffer Overflow
Product status
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.17763.5122
affected
10.0.0 before 10.0.20348.2113
affected
10.0.0 before 10.0.20348.2091
affected
10.0.0 before 10.0.22000.2600
affected
10.0.0 before 10.0.19043.3693
affected
10.0.0 before 10.0.22621.2715
affected
10.0.0 before 10.0.19045.3693
affected
10.0.0 before 10.0.22631.2715
affected
10.0.0 before 10.0.22631.2715
affected
10.0.0 before 10.0.25398.531
affected
10.0.0 before 10.0.10240.20308
affected
10.0.0 before 10.0.14393.6452
affected
10.0.0 before 10.0.14393.6452
affected
10.0.0 before 10.0.14393.6452
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36400 (Windows HMAC Key Derivation Elevation of Privilege Vulnerability) vendor-advisory
cve.org CVE-2023-36400
nvd.nist.gov CVE-2023-36400
Download JSON