Windows Admin Center Spoofing Vulnerability
CVE-2023-29347

8.7HIGH

Key Information:

Vendor: Microsoft
Status: Windows Admin Center
Vendor: CVE Published:; 11 July 2023

Summary

A security flaw in Windows Admin Center allows attackers to impersonate a legitimate user, potentially gaining unauthorized access to sensitive information and administrative functions. This vulnerability can be exploited through specially crafted requests that may deceive the system into granting access privileges that should be restricted.

Affected Version(s)

Windows Admin Center Unknown 1809.0 < 2306

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Apr 4, 2023