CVE-2022-23278

MEDIUM5.9JSON export Create alert

Description

Microsoft Defender for Endpoint Spoofing Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Microsoft Defender for Endpoint EDR sensor1.0.0.0 – 10.8047.22439
Microsoft / Microsoft Defender for Endpoint for Android1.0.0.0 – 1.0.3011.0302
Microsoft / Microsoft Defender for Endpoint for iOS1.0.0.0 – 1.1.18090109
Microsoft / Microsoft Defender for Endpoint for Linux101.0.0 – 101.60.93
Microsoft / Microsoft Defender for Endpoint for Mac101.0.0 – 101.60.91
Microsoft / Microsoft Defender for Endpoint for Windows1.0.0.0 – 10.0.19042.1586

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278