CVE-2021-34454
published 2021-07-16CVE-2021-34454: Windows Remote Access Connection Manager Information Disclosure Vulnerability
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Windows Remote Access Connection Manager Information Disclosure Vulnerability
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1507 | >= 10.0.0 < 10.0.10240.19003 | 10.0.10240.19003 |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.4530 | 10.0.14393.4530 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1679 | 10.0.18363.1679 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1110 | 10.0.19043.1110 |
| microsoft | windows_8.1 | >= 6.3.0 < 6.3.9600.20069 | 6.3.9600.20069 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < 6.3.9600.20069 | 6.3.9600.20069 |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | >= 10.0.0 < 10.0.14393.4530 | 10.0.14393.4530 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1809 | — | — |
GHSA
GHSA-vw6q-86r6-9r5v: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-34454, CVE-2021-34457
ghsa_unreviewed·2022-05-24·CVSS 5.5
CVE-2021-33763 [MEDIUM] GHSA-vw6q-86r6-9r5v: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-34454, CVE-2021-34457
Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-34454, CVE-2021-34457.
GHSA
GHSA-2j5x-2fxv-c77c: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454
ghsa_unreviewed·2022-05-24·CVSS 5.5
CVE-2021-34457 [MEDIUM] GHSA-2j5x-2fxv-c77c: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454
Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34454.
GHSA
GHSA-gmj6-7x7c-h6cj: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34457
ghsa_unreviewed·2022-05-24·CVSS 5.5
CVE-2021-34454 [MEDIUM] GHSA-gmj6-7x7c-h6cj: Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34457
Windows Remote Access Connection Manager Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-33763, CVE-2021-34457.
Microsoft
Windows Remote Access Connection Manager Information Disclosure Vulnerability
vendor_msrc·2021-07-13·CVSS 5.5
CVE-2021-34454 [MEDIUM] Windows Remote Access Connection Manager Information Disclosure Vulnerability
Windows Remote Access Connection Manager Information Disclosure Vulnerability
FAQ: What type of information could be disclosed by this vulnerability?
Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.
Windows Shell: Windows Shell
Microsoft: Microsoft
Impact: Information Disclosure
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244
Reference: https://support.microsoft.com/help/5004244
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004245
Reference: https://support.microsoft.com/help/5004245
Reference: https:/
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-07-16
Published