CVE CVE

CVE-2024-43451

CISA Known Exploited Vulnerability (KEV)

Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability

November 12, 2024

December 3, 2024

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

NTLM Hash Disclosure Spoofing Vulnerability

Weakness Enumeration

CWE-ID CWE Name

CWE-73
External Control of File Name or Path

Known Affected Software Configurations


cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7159:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5427:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5576:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4467:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5850:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5356:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6054:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7259:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5582:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3406:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4770:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5291:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6167:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7070:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3887:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5820:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6189:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6897:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5648:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4974:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3532:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5122:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2565:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2452:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.1999:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4946:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4530:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6981:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6351:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6452:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6796:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5246:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6293:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5936:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4645:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4737:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5458:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.6532:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.5696:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4886:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4252:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.4851:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5501:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3650:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3770:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3287:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2928:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2300:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3046:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2061:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2114:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5125:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7336:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5192:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4583:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.3165:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7515:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.6085:*:*:*:standard:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6897:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6897:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20596:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20596:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5576:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4651:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4412:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6709:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4651:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5131:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4780:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.6709:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6293:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4291:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6293:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4291:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4894:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.5131:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6189:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6532:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4412:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4170:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6532:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4651:*:*:*:*:*:arm64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.4651:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4291:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4170:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.5131:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5582:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20651:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_22h2:10.0.19045.4412:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_21h2:10.0.19044.4412:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20826:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20766:*:*:*:*:*:x64:*

cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.20766:*:*:*:*:*:x86:*

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
6.5
Severity:

MEDIUM

Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2

Not defined