Home

CVE-2022-23278

Description

Microsoft Defender for Endpoint Spoofing Vulnerability

Risk Information

Base Score
5.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
2.691

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Visual Studio Information Disclosure Vulnerability for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1 (KB4476698)Windows
Microsoft Visual Studio Information Disclosure Vulnerability for the information disclosure vulnerability in Visual Studio 2012 Update 5 (KB4476755)Windows
Visual Studio Information Disclosure Vulnerability for the information disclosure vulnerability in Microsoft Visual Studio 2010 Service Pack 1 (KB4506161)Windows
Visual Studio Information Disclosure Vulnerability for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5 (KB4506163)Windows
Visual Studio Information Disclosure Vulnerability for the information disclosure vulnerability in Microsoft Visual Studio 2012 Update 5 (KB4506162)Windows
VP9 Video Extensions Remote Code Execution Vulnerability for the information disclosure vulnerability in Visual Studio 2013 Update 5 (KB4089283)Windows
VP9 Video Extensions Remote Code Execution Vulnerability Azure Information Protection unified labeling client (2.9.116.0)Windows
Azure RTOS Information Disclosure Vulnerability Azure Information Protection unified labeling client (2.12.62.0)Windows
2022-03 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5011485)Windows
2022-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5011485)Windows
2022-03 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5011487)Windows
2022-03 Cumulative Update for Windows 11 for x64-based Systems (KB5011493)Windows
2022-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5011503)Windows
2022-03 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5011503)Windows
2022-03 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5011503)Windows
2022-03 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5011497)Windows
Microsoft Defender for Endpoint Spoofing Vulnerability for the information disclosure vulnerability in Microsoft Visual Studio 2015 Update 3 (KB4506164)Windows
Microsoft Defender for Endpoint Spoofing Vulnerability Azure Information Protection unified labeling client (2.13.49.0)Windows
query and manipulate user account information (USN-4616-1) accountsservice_0.6.45-1ubuntu1.3_i386.debLinux
query and manipulate user account information (USN-4616-1) accountsservice_0.6.45-1ubuntu1.3_amd64.debLinux
query and manipulate user account information (USN-4616-1) accountsservice_0.6.40-2ubuntu11.6_i386.debLinux
query and manipulate user account information (USN-4616-1) accountsservice_0.6.40-2ubuntu11.6_amd64.debLinux
query and manipulate user account information (USN-4616-1) accountsservice_0.6.55-0ubuntu13.2_amd64.debLinux
query and manipulate user account information (USN-4616-1) accountsservice_0.6.55-0ubuntu12~20.04.4_amd64.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.45-1ubuntu1.3_i386.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.45-1ubuntu1.3_amd64.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.40-2ubuntu11.6_i386.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.40-2ubuntu11.6_amd64.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.55-0ubuntu13.2_amd64.debLinux
query and manipulate user account information (USN-4616-1) libaccountsservice0_0.6.55-0ubuntu12~20.04.4_amd64.debLinux
query and manipulate user account information (USN-5149-1) accountsservice_0.6.55-0ubuntu13.3_amd64.debLinux
query and manipulate user account information (USN-5149-1) accountsservice_0.6.55-0ubuntu14.1_amd64.debLinux
query and manipulate user account information (USN-5149-1) accountsservice_0.6.55-0ubuntu12~20.04.5_amd64.debLinux
query and manipulate user account information (USN-5149-1) libaccountsservice0_0.6.55-0ubuntu13.3_amd64.debLinux
query and manipulate user account information (USN-5149-1) libaccountsservice0_0.6.55-0ubuntu14.1_amd64.debLinux
query and manipulate user account information (USN-5149-1) libaccountsservice0_0.6.55-0ubuntu12~20.04.5_amd64.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-26017Security update for the information disclosure vulnerability in Visual Studio 2010 Service Pack 1 (KB4476698)
PATCH-26016Security update for the information disclosure vulnerability in Visual Studio 2012 Update 5 (KB4476755)
PATCH-27172Security update for the information disclosure vulnerability in Microsoft Visual Studio 2010 Service Pack 1 (KB4506161)
PATCH-27184Security update for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5 (KB4506163)
PATCH-27173Security update for the information disclosure vulnerability in Microsoft Visual Studio 2012 Update 5 (KB4506162)
PATCH-26921Security update for the information disclosure vulnerability in Visual Studio 2013 Update 5 (KB4089283)
PATCH-332802022-03 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5011485) (CVE-2022-21990) (CVE-2022-24459)
PATCH-332812022-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5011485) (CVE-2022-21990) (CVE-2022-24459)
PATCH-332692022-03 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332702022-03 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332722022-03 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332732022-03 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332742022-03 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332752022-03 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5011487) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332762022-03 Cumulative Update for Windows 11 for x64-based Systems (KB5011493) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)
PATCH-332822022-03 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5011503) (CVE-2022-21990) (CVE-2022-24459)
PATCH-332832022-03 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5011503) (CVE-2022-21990) (CVE-2022-24459)
PATCH-332842022-03 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5011503) (CVE-2022-21990) (CVE-2022-24459)
PATCH-332852022-03 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5011497) (CVE-2022-21990) (CVE-2022-24459) (CVE-2022-24508)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234