ID: CVE-2023-29324

Last Modified: May 15, 2023

Windows MSHTML Platform Security Feature Bypass Vulnerability

Twitter Activity

Tweets last week: 0

Remaining steady

Yahoo Activity

Yahoo results: 0

Remaining steady

EPSS History

Current EPSS Score: 0.1232

Remaining steady


Reddit Activity

Reddit Posts: 1

Remaining steady

Github Repos

Github Repos: 0

Remaining steady

Exploits

Found exploits:

Attack Vector: Network

Attack Complexity: Low

Privileges Required: None

User Interaction: None

Scope: Unchanged

Confidentiality: None

Integrity: Low

Availability: Low

Base Score: 6.5

Exploitability Score: 3.9

Impact Score: 2.5

CVSS V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Specialize CVSS-Score

NVD-CWE-noinfo

['alert file ( msg:"OS-WINDOWS Microsoft Windows Scripting elevation of privilege attempt"; file_data; content:"7b8a2d94-0ac9-11d1-896c-00c04fb6bfc4",fast_pattern,nocase; content:"CreateInternetSecurityManager|28 29|",nocase; content:".MapUrlToZone(",nocase; pcre:"/MapUrlToZone\\x28[\\x22\\x27][^\\x22\\x27\\x29]*?\\s*\\x5c[A-Z0-9\\x5c]/i"; metadata:policy max-detect-ips drop,policy security-ips drop; reference:cve,2023-29324; reference:url,portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2023-29324; classtype:attempted-admin; gid:1; sid:300526; rev:1; )\n']

Condition Configuration
OR
OR
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Alle Schwachstellen für microsoft
Date: May 15, 2023

CWE-ID: Not defined
Configuration:
added:
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*



                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*"/>
    </set>
</set>

                  
                      <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*"/>
        <prop key="operating_system" value="cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*"/>
    </set>
    <prop key="program_influence" value="input"/>
</set>