CVE-2023-36722 | THREATINT

Assigner	microsoft
Reserved	2023-06-26
Published	2023-10-10
Updated	2024-09-09

Description

Active Directory Domain Services Information Disclosure Vulnerability

MEDIUM: 4.4

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Problem types

CWE-284: Improper Access Control

Product status

10.0.0 before 10.0.17763.4974

affected

10.0.0 before 10.0.17763.4974

affected

10.0.0 before 10.0.17763.4974

affected

10.0.0 before 10.0.20348.2031

affected

10.0.0 before 10.0.22000.2538

affected

10.0.0 before 10.0.19041.3570

affected

10.0.0 before 10.0.22621.2428

affected

10.0.0 before 10.0.19045.3570

affected

10.0.0 before 10.0.10240.20232

affected

10.0.0 before 10.0.14393.6351

affected

10.0.0 before 10.0.14393.6351

affected

10.0.0 before 10.0.14393.6351

affected

6.0.0 before 6.0.6003.22317

affected

6.0.0 before 6.0.6003.22317

affected

6.0.0 before 6.0.6003.22317

affected

6.1.0 before 6.1.7601.26769

affected

6.0.0 before 6.1.7601.26769

affected

6.2.0 before 6.2.9200.24523

affected

6.2.0 before 6.2.9200.24523

affected

6.3.0 before 6.3.9600.21620

affected

6.3.0 before 6.3.9600.21620

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722 (Active Directory Domain Services Information Disclosure Vulnerability) vendor-advisory

cve.org CVE-2023-36722

nvd.nist.gov CVE-2023-36722

Download JSON