2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-26918" ,
"sourceIdentifier" : "secure@microsoft.com" ,
"published" : "2022-04-15T19:15:15.463" ,
2024-11-23 15:12:23 +00:00
"lastModified" : "2024-11-21T06:54:47.670" ,
2023-06-29 02:00:35 +00:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
2023-06-29 02:00:35 +00:00
"value" : "Windows Fax Compose Form Remote Code Execution Vulnerability"
2023-04-24 12:24:31 +02:00
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Windows Fax Compose Form. Este ID de CVE es diferente de CVE-2022-26916, CVE-2022-26917"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "secure@microsoft.com" ,
2024-11-23 15:12:23 +00:00
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:P/A:P" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 5.1 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "HIGH" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 4.9 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "21540673-614A-4D40-8BD7-3F07723803B0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9E2C378B-1507-4C81-82F6-9F599616845A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FAE4278F-71A7-43E9-8F79-1CBFAE71D730"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:21h2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "71E65CB9-6DC2-4A90-8C6A-103BEDC99823"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6B8F3DD2-A145-4AF1-8545-CC42892DA3D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9273B95-20ED-4547-B0A8-95AD15B30372"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:arm64:*" ,
"matchCriteriaId" : "B9F64296-66BF-4F1D-A11C-0C44C347E2AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:x64:*" ,
"matchCriteriaId" : "5D7F7DDB-440E-42CD-82F4-B2C13F3CC462"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*" ,
"matchCriteriaId" : "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*" ,
"matchCriteriaId" : "5F422A8C-2C4E-42C8-B420-E0728037E15C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*" ,
"matchCriteriaId" : "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DB18C4CE-5917-401E-ACF7-2747084FD36E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4A190388-AA82-4504-9D5A-624F23268C9F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DB79EE26-FC32-417D-A49C-A1A63165A968"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
] ,
"references" : [
{
2023-06-29 02:00:35 +00:00
"url" : "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26918" ,
"source" : "secure@microsoft.com"
2024-11-23 15:12:23 +00:00
} ,
{
"url" : "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26918" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
