CVE-2022-41064

Published: Nov 9, 2022Modified: Jan 2, 2025

5.8

Vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Exploitability: 1.3 / Impact: 4.0

Source: secure@microsoft.com (Secondary)

Description

.NET Framework Information Disclosure Vulnerability

Affected (9)

Products: Microsoft: .net Framework, Nuget

2 products

Configuration A

1 platform

Running on/with	Platform Versions
Microsoft Windows Server 2022	All versions

Configuration B

2 platform

Running on/with	Platform Versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions

Configuration C

2 platform

Running on/with	Platform Versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	Version r2

Configuration D

3 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 21h1
Microsoft Windows 10	Version 21h1
Microsoft Windows 10	Version 21h1

Configuration E

2 platform

Running on/with	Platform Versions
Microsoft Windows 7	All versions
Microsoft Windows 7	All versions

Configuration F

3 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 21h2
Microsoft Windows 10	Version 21h2
Microsoft Windows 10	Version 21h2

Configuration G

3 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 20h2
Microsoft Windows 10	Version 20h2
Microsoft Windows 10	Version 20h2

Configuration H

3 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 22h2
Microsoft Windows 10	Version 22h2
Microsoft Windows 10	Version 22h2

Configuration I

2 platform

Running on/with	Platform Versions
Microsoft Windows Server 2012	All versions
Microsoft Windows Server 2012	Version r2

Configuration J

3 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 1809
Microsoft Windows 10	Version 1809
Microsoft Windows 10	Version 1809

Configuration K

2 platform

Running on/with	Platform Versions
Microsoft Windows 10	Version 1607
Microsoft Windows 10	Version 1607

Configuration L

1 platform

Running on/with	Platform Versions
Microsoft Windows Server 2019	All versions

Configuration M

1 platform

Running on/with	Platform Versions
Microsoft Windows Server 2016	All versions

Configuration N

3 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft .net Framework	Version 4.7.1
Microsoft .net Framework	Version 4.7.2
Microsoft .net Framework	Version 4.7

Running on/with	Platform Versions
Microsoft Windows 8.1	All versions
Microsoft Windows 8.1	All versions

Configuration O

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft .net Framework	Version 4.6.2

Running on/with	Platform Versions
Microsoft Windows 10	All versions
Microsoft Windows 10	All versions

Configuration P

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Microsoft .net Framework	Version 4.8.1
Microsoft .net Framework	Version 4.8

Running on/with	Platform Versions
Microsoft Windows 11	All versions
Microsoft Windows 11	Version 22h2

Configuration Q

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Nuget	Before 1.1.4
Microsoft Nuget	From 2.0.0 to 2.1.2
Microsoft Nuget	From 3.0.0 to 4.8.5

References (2)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41064

Source: secure@microsoft.com

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41064

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.