Description
NTLM Hash Disclosure Spoofing Vulnerability
Reserved 2024-08-14 | Published 2024-11-12 | Updated 2024-11-27 | Assigner
microsoftMEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CISA Known Exploited Vulnerability
Date added 2024-11-12 | Due date 2024-12-03
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Problem types
CWE-73: External Control of File Name or Path
Product status
10.0.0 before 10.0.26100.2314
affected
10.0.0 before 10.0.26100.2240
affected
10.0.0 before 10.0.26100.2314
affected
10.0.0 before 10.0.26100.2240
affected
10.0.0 before 10.0.17763.6532
affected
10.0.0 before 10.0.17763.6532
affected
10.0.0 before 10.0.17763.6532
affected
10.0.0 before 10.0.20348.2849
affected
10.0.0 before 10.0.20348.2819
affected
10.0.0 before 10.0.19044.5131
affected
10.0.0 before 10.0.22621.4460
affected
10.0.0 before 10.0.19045.5131
affected
10.0.0 before 10.0.22631.4460
affected
10.0.0 before 10.0.22631.4460
affected
10.0.0 before 10.0.25398.1251
affected
10.0.0 before 10.0.26100.2314
affected
10.0.0 before 10.0.26100.2240
affected
10.0.0 before 10.0.10240.20826
affected
10.0.0 before 10.0.14393.7515
affected
10.0.0 before 10.0.14393.7515
affected
10.0.0 before 10.0.14393.7515
affected
6.0.0 before 6.0.6003.22966
affected
6.0.0 before 1.001
affected
6.0.0 before 6.0.6003.22966
affected
6.0.0 before 1.001
affected
6.0.0 before 6.0.6003.22966
affected
6.0.0 before 1.001
affected
6.1.0 before 6.1.7601.27415
affected
6.1.0 before 1.001
affected
6.0.0 before 6.1.7601.27415
affected
6.0.0 before 1.001
affected
6.2.0 before 6.2.9200.25165
affected
6.2.0 before 6.2.9200.25165
affected
6.3.0 before 6.3.9600.22267
affected
6.3.0 before 1.001
affected
6.3.0 before 6.3.9600.22267
affected
6.3.0 before 1.001
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43451 (NTLM Hash Disclosure Spoofing Vulnerability) vendor-advisory
cve.org (CVE-2024-43451)
nvd.nist.gov (CVE-2024-43451)
Download JSON
Subscribe to our newsletter to learn more about our work.