Msrc Windows Server 2016 vulnerabilities

CVE-2023-36438 [HIGH] Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the unencrypted contents of IPsec packets from other sessions on a server. Windows TCP/IP: Windows TCP/IP Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure

CVE-2023-36710 [HIGH] CWE-197 Windows Media Foundation Core Remote Code Execution Vulnerability Windows Media Foundation Core Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For e

CVE-2023-36583 [HIGH] CWE-416 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

CVE-2023-36711 [HIGH] CWE-59 Windows Runtime C++ Template Library Elevation of Privilege Vulnerability Windows Runtime C++ Template Library Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to move targeted files on a system. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on

CVE-2023-36577 [HIGH] CWE-122 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using th

CVE-2023-36593 [HIGH] CWE-190 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

CVE-2023-36582 [HIGH] CWE-190 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally.

CVE-2023-41771 [HIGH] CWE-416 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to

CVE-2023-36436 [HIGH] Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability FAQ: How could an attacker successfully exploit this vulnerability? An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols without prompting the user. FAQ: According to the CVS

CVE-2023-36726 [HIGH] CWE-416 Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? A domain user could use this vulnerability to elevate privileges to SYSTEM assigned integrity level. Windows IKE Extension: Windows IKE Extension Microsoft: Microsoft Customer Action Required: Yes Imp

CVE-2023-36703 [HIGH] CWE-400 DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability Windows DHCP Server: Windows DHCP Server Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5031361 Reference: https://support.microsoft.com/help/5031361

CVE-2023-44487 [HIGH] CWE-400 MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack MITRE: CVE-2023-44487 HTTP/2 Rapid Reset Attack HTTP/2: HTTP/2 MITRE Corporation: MITRE Corporation Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;DOS:N/A Reference: https://dotnet.microsoft.com/download/dotnet/6.0 Reference: https://support.microsoft.com/help/5032874 Remediation: Release Notes Reference:

CVE-2023-41770 [HIGH] CWE-416 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to

CVE-2023-36589 [HIGH] Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For exa

CVE-2023-41767 [HIGH] CWE-416 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does

CVE-2023-36557 [HIGH] PrintHTML API Remote Code Execution Vulnerability PrintHTML API Remote Code Execution Vulnerability FAQ: How could an attacker successfully exploit this vulnerability? An attacker could successfully exploit this vulnerability by invoking the PrintHTML API from a locally running application (or by tricking a user into doing so) which could allow the attacker to launch an app via application protocols without prompting the user. FAQ: According to the CVSS metric, the attack

CVE-2023-36573 [HIGH] Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it r

CVE-2023-36596 [HIGH] CWE-822 Remote Procedure Call Information Disclosure Vulnerability Remote Procedure Call Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Windows Remote Procedure Call: Windows Remote Procedure Call Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Pub

CVE-2023-36731 [HIGH] CWE-20 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32K: Windows Win32K Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Ex

CVE-2023-36571 [HIGH] Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? Successful exploitation of this vulnerability could allow an authenticated domain user to remotely execute code on the target server. The attacker needs to convince a user on the target machine to connect to a malicious server or compromise a legitimate MSMQ server host and make it r