cbcvebase.
CVE-2024-43451
published 2024-11-12

CVE-2024-43451: NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability

medium6.5
KEVITW
CISA Known Exploited Vulnerabilitydue 2024-12-03
Exploited in the wild
NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability

Affected

32 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftwindows_10_version_1507>= 10.0.10240.0 < 10.0.10240.2082610.0.10240.20826
microsoftwindows_10_version_1607>= 10.0.14393.0 < 10.0.14393.751510.0.14393.7515
microsoftwindows_10_version_1809>= 10.0.17763.0 < 10.0.17763.653210.0.17763.6532
microsoftwindows_10_version_21h2>= 10.0.19043.0 < 10.0.19044.513110.0.19044.5131
microsoftwindows_10_version_22h2>= 10.0.19045.0 < 10.0.19045.513110.0.19045.5131
microsoftwindows_11_version_22h2>= 10.0.22621.0 < 10.0.22621.446010.0.22621.4460
microsoftwindows_11_version_22h3>= 10.0.22631.0 < 10.0.22631.446010.0.22631.4460
microsoftwindows_11_version_23h2>= 10.0.22631.0 < 10.0.22631.446010.0.22631.4460
microsoftwindows_11_version_24h2>= 10.0.26100.0 < 10.0.26100.231410.0.26100.2314
microsoftwindows_server_2008_r2_service_pack_1>= 6.1.7601.0 < 6.1.7601.274156.1.7601.27415
microsoftwindows_server_2008_service_pack_2>= 6.0.6003.0 < 6.0.6003.229666.0.6003.22966
microsoftwindows_server_2012_r2>= 6.3.9600.0 < 6.3.9600.222676.3.9600.22267
microsoftwindows_server_2016>= 10.0.14393.0 < 10.0.14393.751510.0.14393.7515
microsoftwindows_server_2019>= 10.0.17763.0 < 10.0.17763.653210.0.17763.6532
microsoftwindows_server_2022>= 10.0.20348.0 < 10.0.20348.284910.0.20348.2849
microsoftwindows_server_2025>= 10.0.26100.0 < 10.0.26100.231410.0.26100.2314
msrcwindows_10
msrcwindows_10_version_1607
msrcwindows_10_version_1809
msrcwindows_10_version_21h2
msrcwindows_10_version_22h2
msrcwindows_11_version_22h2
msrcwindows_11_version_23h2
msrcwindows_11_version_24h2
msrcwindows_server_2008

CVSS provenance

cvelistv56.5MEDIUM
vulncheck6.5MEDIUM
cisa6.5MEDIUM