CVE-2025-59188
published 2025-10-14CVE-2025-59188: Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally.
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25722 | 6.2.9200.25722 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22824 | 6.3.9600.22824 |
| microsoft | windows_server_2016 | < 10.0.14393.8519 | 10.0.14393.8519 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8519 | 10.0.14393.8519 |
| microsoft | windows_server_2019 | < 10.0.17763.7919 | 10.0.17763.7919 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7919 | 10.0.17763.7919 |
| microsoft | windows_server_2022 | < 10.0.20348.4294 | 10.0.20348.4294 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.4294 | 10.0.20348.4294 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1913 | 10.0.25398.1913 |
| microsoft | windows_server_2025 | < 10.0.26100.6899 | 10.0.26100.6899 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.6899 | 10.0.26100.6899 |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
| msrc | windows_server_2019 | — | — |
| msrc | windows_server_2022 | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |