CVE-2022-21919
CVSS v3.1
7 (High)
CVSS v2.0
6.9 (Medium)
EPSS
0.38 % (73th)
Affected Products
17
Advisories
2
NVD Status
Analyzed
Windows User Profile Service Elevation of Privilege Vulnerability
Weaknesses
- CWE-59
- Improper Link Resolution Before File Access ('Link Following')
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Microsoft Corporation
- Published Date
-
2022-01-11 21:15:13
(2 years ago) - Updated Date
-
2024-07-02 17:03:57
(2 months ago)
Microsoft Windows User Profile Service Privilege Escalation Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
- Required Action
- Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://nvd.nist.gov/vuln/detail/CVE-2022-21919
- Vendor
- Microsoft
- Product
- Windows
- In CISA Catalog from
-
2022-04-25
(2 years ago) - Due Date
-
2022-05-16
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...