BDU:2023-05717
Scores
EPSS
Percentile: 0.0%
CVSS
CVSS Score: 8.8/10
All CVSS Scores
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
Privileges Required
None (N)
Describes the level of privileges an attacker must possess
User Interaction
Required (R)
Captures the requirement for a human user participation
Scope
Unchanged (U)
Determines if a successful attack impacts components beyond the vulnerable component
Confidentiality Impact
High (H)
Measures the impact to the confidentiality of information
Integrity Impact
High (H)
Measures the impact to integrity of a successfully exploited vulnerability
Availability Impact
High (H)
Measures the impact to the availability of the impacted component
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
Authentication
None (N)
Describes the level of privileges an attacker must possess
Confidentiality Impact
Complete
Measures the impact to the confidentiality of information
Integrity Impact
Complete
Measures the impact to integrity of a successfully exploited vulnerability
Availability Impact
Complete
Measures the impact to the availability of the impacted component
Description
Уязвимость компонента Windows Themes операционных систем Windows связана с недостаточной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Scaner-VS 7 — a modern vulnerability management solution
Sources
Related Vulnerabilities
Exploits
Recommendations
Source: bdu
Использование рекомендаций производителя:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38146
Vulnerable Software (66)
Type: Configuration
Vendor: microsoft corp
Product: windows_11 21h2
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: windows_11 22h2
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.3737
Operating System: Windows 22621 build 3737
Identifier: KB5039212
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.3527
Operating System: Windows 22621 build 3527
Identifier: KB5036980
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.3447
Operating System: Windows 22621 build 3447
Identifier: KB5036893
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.3374
Operating System: Windows 22621 build 3374
Identifier: KB5035942
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.3296
Operating System: Windows 22621 build 3296
Identifier: KB5035853
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.3235
Operating System: Windows 22621 build 3235
Identifier: KB5034848
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.3155
Operating System: Windows 22621 build 3155
Identifier: KB5034765
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.3085
Operating System: Windows 22621 build 3085
Identifier: KB5034204
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.3007
Operating System: Windows 22621 build 3007
Identifier: KB5034123
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.2861
Operating System: Windows 22621 build 2861
Identifier: KB5033375
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.2792
Operating System: Windows 22621 build 2792
Identifier: KB5032288
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.2715
Operating System: Windows 22621 build 2715
Identifier: KB5032190
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.2506
Operating System: Windows 22621 build 2506
Identifier: KB5031455
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.2428
Operating System: Windows 22621 build 2428
Identifier: KB5031354
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 22621.2361
Operating System: Windows 22621 build 2361
Identifier: KB5030310
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22621.2283
Operating System: Windows 22621 build 2283
Identifier: KB5030219
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22000.3260
Operating System: Windows 22000 build 3260
Identifier: KB5044280
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Version: 10.0.22000.3197
Operating System: Windows 22000 build 3197
Identifier: KB5043067
Source: msrc