CVE-2022-21995

HIGH7.9JSON export Create alert

Description

Windows Hyper-V Remote Code Execution Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Windows 10 Version 150710.0.10240.0 – 10.0.10240.19204
Microsoft / Windows 10 Version 160710.0.14393.0 – 10.0.14393.4946
Microsoft / Windows 10 Version 180910.0.17763.0 – 10.0.17763.2565
Microsoft / Windows 10 Version 190910.0.0 – 10.0.18363.2094
Microsoft / Windows 10 Version 21H110.0.0 – 10.0.19043.1526
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19044.1526
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.493
Microsoft / Windows Server 201610.0.14393.0 – 10.0.14393.4946
Microsoft / Windows Server 2016 (Server Core installation)10.0.14393.0 – 10.0.14393.4946
Microsoft / Windows Server 201910.0.17763.0 – 10.0.17763.2565
Microsoft / Windows Server 2019 (Server Core installation)10.0.17763.0 – 10.0.17763.2565
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.524
Microsoft / Windows Server version 20H210.0.0 – 10.0.19042.1526

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21995