Skip to main content

Windows Server CVE-2022-26938

HIGH
2022-05-10 secure@microsoft.com
7.0
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 10, 2022 - 21:15 cve.org
HIGH 7.0

DescriptionCVE.org

Storage Spaces Direct Elevation of Privilege Vulnerability

AnalysisAI

Storage Spaces Direct Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0).

Technical ContextAI

Affected products include: Microsoft Windows Server, Microsoft Windows Server 2016, Microsoft Windows Server 2019.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-8410 HIGH POC
7.8 Sep 13

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory

CVE-2018-0877 HIGH POC
7.8 Mar 14

The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server,

CVE-2017-11788 HIGH
7.5 Nov 15

Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2,

CVE-2018-0882 HIGH POC
7.0 Mar 14

The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an el

CVE-2018-0880 HIGH POC
7.0 Mar 14

The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an el

CVE-2017-11927 MEDIUM
6.5 Dec 12

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold,

CVE-2022-26934 MEDIUM
6.5 May 10

Windows Graphics Component Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is

CVE-2022-29130 CRITICAL
9.8 May 10

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS

CVE-2022-26937 CRITICAL
9.8 May 10

Windows Network File System Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2022-22012 CRITICAL
9.8 May 10

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated critical severity (CVSS

CVE-2021-43217 CRITICAL
9.8 Dec 15

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulne

CVE-2021-43215 CRITICAL
9.8 Dec 15

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution. Rated critical severity (CVSS 9.8), this

Share

CVE-2022-26938 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy