CVE-2023-21687 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-21687 PUBLISHED CVSS 5.5 MEDIUM

HTTP.sys Information Disclosure Vulnerability

EPSS 2.92% · 86.3th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

EPSS Score

2.92%

86.3th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Windows 11 version 22H2	10.0.22621.0
Microsoft	Windows Server 2022	10.0.20348.0
microsoft	windows_11_21H2	10.0.0
microsoft	windows_11_22h2	0, 0, 0
microsoft	windows_11_22H2	10.0.22621.0
microsoft	windows_11_21h2	0, 0, 0
Microsoft	Windows 11 version 21H2	10.0.0
microsoft	windows_server_2022	10.0.20348.0

Timeline

Feb 14, 2023 CVE Published
Feb 15, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 26, 2023 EPSS Score
Jun 12, 2023 EPSS Score
Jul 21, 2023 EPSS Score
Aug 29, 2023 EPSS Score
Oct 7, 2023 EPSS Score
Nov 15, 2023 EPSS Score
Feb 1, 2024 EPSS Score
Mar 11, 2024 EPSS Score
Apr 19, 2024 EPSS Score

References

https://msrc.microsoft.com/update-guide/ advisory
HTTP.sys Information Disclosure Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-21687 advisory

Open in Interactive Console →