CVE-2022-38016

HIGH8.8JSON export Create alert

Description

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Windows 10 Version 180910.0.0 – 10.0.17763.3532
Microsoft / Windows 10 Version 180910.0.17763.0 – 10.0.17763.3532
Microsoft / Windows 10 Version 20H210.0.0 – 10.0.19042.2130
Microsoft / Windows 10 Version 21H110.0.0 – 10.0.19043.2130
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19044.2130
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.1098
Microsoft / Windows 11 version 22H210.0.22621.0 – 10.0.22621.674
Microsoft / Windows Server 201910.0.17763.0 – 10.0.17763.3532
Microsoft / Windows Server 2019 (Server Core installation)10.0.17763.0 – 10.0.17763.3532
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.1129

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38016