CVE-2023-21803

CRITICAL9.8JSON export Create alert

Description

Windows iSCSI Discovery Service Remote Code Execution Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Windows 10 Version 150710.0.10240.0 – 10.0.10240.19747
Microsoft / Windows 10 Version 160710.0.14393.0 – 10.0.14393.5717
Microsoft / Windows 10 Version 180910.0.17763.0 – 10.0.17763.4010
Microsoft / Windows 10 Version 20H210.0.0 – 10.0.19042.2604
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19044.2604
Microsoft / Windows 10 Version 22H210.0.19045.0 – 10.0.19045.2604
Microsoft / Windows Server 2008 Service Pack 26.0.6003.0 – 6.0.6003.21915
Microsoft / Windows Server 2008 Service Pack 2 (Server Core installation)6.0.6003.0 – 6.0.6003.21915

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21803