CVE CVE

CVE-2024-43451

CISA Known Exploited Vulnerability (KEV)

Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability

November 12, 2024

December 3, 2024

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

NTLM Hash Disclosure Spoofing Vulnerability

Weakness Enumeration

CWE-ID CWE Name

CWE-73
External Control of File Name or Path

Known Affected Software Configurations


cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7336:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7259:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7159:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7070:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7336:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7515:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7159:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7070:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6709:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6981:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7428:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6709:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7159:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6796:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6796:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6796:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7159:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6796:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7070:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7428:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6981:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7259:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7070:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6981:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6981:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7515:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7336:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7515:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7259:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.7336:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6897:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6800:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7515:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6800:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7259:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.14393.6897:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.709:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4046:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2788:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2788:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.2788:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3693:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3693:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3803:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3693:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3803:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3803:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.3007:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.3930:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5329:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6614:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.643:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_11_22h2:10.0.22621.3007:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3930:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.25398.643:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2227:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5329:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6614:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6614:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3930:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20402:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.3007:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.3930:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.3930:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20402:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.3930:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.3007:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.531:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.521:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:10.0.25398.584:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022_23h2:-:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1607:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1487:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1366:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1311:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1311:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1249:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1366:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1249:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1194:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1006:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1006:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1607:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1487:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1249:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1194:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1251:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1251:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1368:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1131:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1006:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1129:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1368:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1131:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1131:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1129:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1311:*:*:*:azure:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1070:*:*:*:datacenter:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1366:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.1194:*:*:*:azure:*:x64:*

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
6.5
Severity:

MEDIUM

Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2

Not defined