CVE-2023-36434: Windows IIS Server Elevation of Privilege Vulnerability

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

Windows IIS Server Elevation of Privilege Vulnerability

Affected

41 ranges· showing 25

Vendor	Product	Version range	Fixed in
microsoft	windows_10_1507	< 10.0.10240.20232	10.0.10240.20232
microsoft	windows_10_1607	< 10.0.14393.6351	10.0.14393.6351
microsoft	windows_10_1809	< 10.0.17763.4974	10.0.17763.4974
microsoft	windows_10_21h2	< 10.0.19041.3570	10.0.19041.3570
microsoft	windows_10_22h2	< 10.0.19041.3570	10.0.19041.3570
microsoft	windows_10_version_1507	>= 10.0.10240.0 < 10.0.10240.20232	10.0.10240.20232
microsoft	windows_10_version_1607	>= 10.0.14393.0 < 10.0.14393.6351	10.0.14393.6351
microsoft	windows_10_version_1809	>= 10.0.0 < 10.0.17763.4974	10.0.17763.4974
microsoft	windows_10_version_1809	>= 10.0.17763.0 < 10.0.17763.4974	10.0.17763.4974
microsoft	windows_10_version_21h2	>= 10.0.19043.0 < 10.0.19041.3570	10.0.19041.3570
microsoft	windows_10_version_22h2	>= 10.0.19045.0 < 10.0.19045.3570	10.0.19045.3570
microsoft	windows_11_21h2	< 10.0.22000.2538	10.0.22000.2538
microsoft	windows_11_22h2	< 10.0.22621.2428	10.0.22621.2428
microsoft	windows_11_version_21h2	>= 10.0.0 < 10.0.22000.2538	10.0.22000.2538
microsoft	windows_11_version_22h2	>= 10.0.22621.0 < 10.0.22621.2428	10.0.22621.2428
microsoft	windows_server_2008	—	—
microsoft	windows_server_2008_r2_service_pack_1	>= 6.1.7601.0 < 6.1.7601.26769	6.1.7601.26769
microsoft	windows_server_2008_service_pack_2	>= 6.0.6003.0 < 6.0.6003.22317	6.0.6003.22317
microsoft	windows_server_2012	—	—
microsoft	windows_server_2012	>= 6.2.9200.0 < 6.2.9200.24523	6.2.9200.24523
microsoft	windows_server_2012_r2	>= 6.3.9600.0 < 6.3.9600.21620	6.3.9600.21620
microsoft	windows_server_2016	>= 10.0.14393.0 < 10.0.14393.6351	10.0.14393.6351
microsoft	windows_server_2019	>= 10.0.17763.0 < 10.0.17763.4974	10.0.17763.4974
microsoft	windows_server_2022	>= 10.0.20348.0 < 10.0.20348.2031	10.0.20348.2031
msrc	microsoft_exchange_server_2016_cumulative_update_23	—	—