Summaryinfo

A vulnerability described as critical has been identified in Microsoft Windows up to Server 2022. Affected is an unknown function of the component Hyper-V. Such manipulation leads to denial of service. This vulnerability is documented as CVE-2023-23411. The attack needs to be performed locally. There is not any exploit available. It is best practice to apply a patch to resolve this issue.

Detailsinfo

A vulnerability was found in Microsoft Windows up to Server 2022 (Operating System). It has been rated as critical. Affected by this issue is an unknown code block of the component Hyper-V. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability.

The weakness was released 03/14/2023 as confirmed security guidance (Website). The advisory is available at portal.msrc.microsoft.com. This vulnerability is handled as CVE-2023-23411. The technical details are unknown and an exploit is not available.

Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Operating System

Vendor

• Microsoft

Name

• Windows

Version

• 10
• 10 20H2
• 10 21H2
• 10 22H2
• 10 1607
• 10 1809
• 11 21H2
• 11 22H2
• Server 2016
• Server 2019
• Server 2022

License

• commercial

Website

• Vendor: https://www.microsoft.com/
• Product: https://www.microsoft.com/en-us/windows

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion