cbcvebase.
CVE-2022-21907
published 2022-01-11

CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
HTTP Protocol Stack Remote Code Execution Vulnerability

Affected

31 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10_version_1809>= 10.0.0 < 10.0.17763.245210.0.17763.2452
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.245210.0.17763.2452
microsoftwindows_10_version_20h2>= 10.0.0 < 10.0.19042.146610.0.19042.1466
microsoftwindows_10_version_21h1>= 10.0.0 < 10.0.19043.146610.0.19043.1466
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.146610.0.19044.1466
microsoftwindows_11_version_21h2>= 10.0.0 < 10.0.22000.43410.0.22000.434
microsoftwindows_server
microsoftwindows_server
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.245210.0.17763.2452
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.46910.0.20348.469
microsoftwindows_server_version_20h2>= 10.0.0 < 10.0.19042.146610.0.19042.1466
msrcwindows_10_version_1809_for_32-bit_systems
msrcwindows_10_version_1809_for_arm64-based_systems
msrcwindows_10_version_1809_for_x64-based_systems
msrcwindows_10_version_20h2_for_32-bit_systems
msrcwindows_10_version_20h2_for_arm64-based_systems
msrcwindows_10_version_21h1_for_32-bit_systems
msrcwindows_10_version_21h1_for_arm64-based_systems
msrcwindows_10_version_21h1_for_x64-based_systems
msrcwindows_10_version_21h2_for_32-bit_systems
msrcwindows_10_version_21h2_for_arm64-based_systems

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL