7.8

CVE-2023-21800

Windows Installer Elevation of Privilege Vulnerability

Data is provided by the National Vulnerability Database (NVD)
MicrosoftWindows Server 2008 Version- Updatesp2
MicrosoftWindows Server 2008 Versionr2 Updatesp1 HwPlatformx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.57% 0.678
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secure@microsoft.com 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-73 External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.