CVE-2022-38028

high

Description

Windows Print Spooler Elevation of Privilege Vulnerability

References

https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html

https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/

https://www.tenable.com/blog/microsofts-march-2024-patch-tuesday-addresses-59-cves-cve-2024-21407

https://www.tenable.com/blog/microsofts-january-2023-patch-tuesday-addresses-98-cves-cve-2023-21674

https://www.tenable.com/blog/microsofts-october-2022-patch-tuesday-addresses-84-cves-cve-2022-41033

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38028

Details

Source: Mitre, NVD

Published: 2022-10-11

Updated: 2024-09-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High