CVE-2022-26934

MEDIUM6.5JSON export Create alert

Description

Windows Graphics Component Information Disclosure Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Unchanged

Changed

Affected products

Microsoft / Microsoft 365 Apps for Enterprise16.0.1 – https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft Office 2019 for Mac16.0.0 – 16.63.22070801
Microsoft / Microsoft Office LTSC for Mac 202116.0.1 – 16.63.22070801
Microsoft / Windows 10 Version 150710.0.10240.0 – 10.0.10240.19297
Microsoft / Windows 10 Version 160710.0.14393.0 – 10.0.14393.5125
Microsoft / Windows 10 Version 180910.0.17763.0 – 10.0.17763.2928
Microsoft / Windows 10 Version 180910.0.0 – 10.0.17763.2928
Microsoft / Windows 10 Version 190910.0.0 – 10.0.18363.2274
Microsoft / Windows 10 Version 20H210.0.0 – 10.0.19042.1706
Microsoft / Windows 10 Version 21H110.0.0 – 10.0.19043.1706
Microsoft / Windows 10 Version 21H210.0.19043.0 – 10.0.19043.1706
Microsoft / Windows 11 version 21H210.0.0 – 10.0.22000.675
Microsoft / Windows 76.1.0 – 6.1.7601.25954
Microsoft / Windows 7 Service Pack 16.1.0 – 6.1.7601.25954
Microsoft / Windows 8.16.3.0 – 6.3.9600.20371
Microsoft / Windows Server 2008 R2 Service Pack 16.1.7601.0 – 6.1.7601.25954
Microsoft / Windows Server 2008 R2 Service Pack 1 (Server Core installation)6.1.7601.0 – 6.1.7601.25954
Microsoft / Windows Server 2008 Service Pack 26.0.6003.0 – 6.0.6003.21481
Microsoft / Windows Server 2008 Service Pack 2 (Server Core installation)6.0.6003.0 – 6.0.6003.21481
Microsoft / Windows Server 20126.2.9200.0 – 6.2.9200.23714
Microsoft / Windows Server 2012 R26.3.9600.0 – 6.3.9600.20371
Microsoft / Windows Server 2012 R2 (Server Core installation)6.3.9600.0 – 6.3.9600.20371
Microsoft / Windows Server 2012 (Server Core installation)6.2.9200.0 – 6.2.9200.23714
Microsoft / Windows Server 201610.0.14393.0 – 10.0.14393.5125
Microsoft / Windows Server 2016 (Server Core installation)10.0.14393.0 – 10.0.14393.5125
Microsoft / Windows Server 201910.0.17763.0 – 10.0.17763.2928
Microsoft / Windows Server 2019 (Server Core installation)10.0.17763.0 – 10.0.17763.2928
Microsoft / Windows Server 202210.0.20348.0 – 10.0.20348.707
Microsoft / Windows Server version 20H210.0.0 – 10.0.19042.1706

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26934