CVE-2022-29123 : Windows Clustered Shared Volume Information Disclosure Vulnerability

Windows Clustered Shared Volume Information Disclosure Vulnerability

Published 2022-05-10 21:15:12

Updated 2023-12-21 00:15:17

View at NVD, CVE.org

Vulnerability category: Information leak

Exploit prediction scoring system (EPSS) score for CVE-2022-29123

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
6.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N	2.0	4.0	Microsoft Corporation
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29123

CVE-2022-29123 - Security Update Guide - Microsoft - Windows Clustered Shared Volume Information Disclosure Vulnerability
Patch;Vendor Advisory

Microsoft » Windows Server » Version: 20h2
cpe:2.3:o:microsoft:windows_server:20h2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2012 » Version: R2
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2016 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2019 » Version: N/A
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Server 2022
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
Matching versions