Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1,493 changed files
with
12,348 additions
and
0 deletions.
There are no files selected for viewing
106 changes: 106 additions & 0 deletions
106
repository/definitions/vulnerability/oval_org.cisecurity_def_9243.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9243" version="1"> | ||
<metadata> | ||
<title>Windows DWM Core Library Elevation of Privilege Vulnerability - CVE-2022-23291</title> | ||
<affected family="windows"> | ||
<platform>Microsoft Windows 10</platform> | ||
<platform>Microsoft Windows 11</platform> | ||
<platform>Microsoft Windows Server 2019</platform> | ||
<platform>Microsoft Windows Server 2022</platform> | ||
</affected> | ||
<reference ref_id="CVE-2022-23291" source="CVE" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23291" /> | ||
<reference ref_id="MSRC-CVE-2022-23291" source="Vendor Advisory" ref_url="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23291" /> | ||
<reference ref_id="KB5011503" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011503" /> | ||
<reference ref_id="KB5011485" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011485" /> | ||
<reference ref_id="KB5011487" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011487" /> | ||
<reference ref_id="KB5011497" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011497" /> | ||
<reference ref_id="KB5011493" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011493" /> | ||
<description /> | ||
<oval_repository> | ||
<dates> | ||
<submitted date="2022-03-09T01:08:48"> | ||
<contributor organization="JovalCM.com">David Ries</contributor> | ||
</submitted> | ||
</dates> | ||
<status>INITIAL SUBMISSION</status> | ||
<min_schema_version>5.10</min_schema_version> | ||
</oval_repository> | ||
</metadata> | ||
<criteria operator="OR"> | ||
<criteria comment="Windows 10 Version 1809 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:5824" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23036" comment="dwmcore.dll (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1809 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:5821" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23206" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.17763.2686" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23036" comment="dwmcore.dll (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2019 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2019 is installed" definition_ref="oval:org.cisecurity:def:5761" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23206" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.17763.2686" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23036" comment="dwmcore.dll (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:7269" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23351" comment="dwmcore.dll (10.x) version is less than 10.0.18362.2158" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:7268" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23018" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.18362.2158" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23351" comment="dwmcore.dll (10.x) version is less than 10.0.18362.2158" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9219" comment="Microsoft Windows 10 Version 20H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23121" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9217" comment="Microsoft Windows 10 Version 20H2 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H1 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9242" comment="Microsoft Windows 10 Version 21H1 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23121" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H1 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9218" comment="Microsoft Windows 10 Version 21H1 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows Server 2022 is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9211" comment="Microsoft Windows Server 2022 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23058" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.20348.587" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23488" comment="dwmcore.dll (10.x) version is less than 10.0.20348.587" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 11 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9224" comment="Microsoft Windows 11 Version 21H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23313" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.22000.556" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23047" comment="dwmcore.dll (10.x) version is less than 10.0.22000.556" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H2 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9216" comment="Microsoft Windows 10 Version 21H2 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9210" comment="Microsoft Windows 10 Version 21H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23121" comment="dwmcore.dll (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23385" comment="dwmcore.dll (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
</criteria> | ||
</definition> |
145 changes: 145 additions & 0 deletions
145
repository/definitions/vulnerability/oval_org.cisecurity_def_9244.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,145 @@ | ||
<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9244" version="1"> | ||
<metadata> | ||
<title>Windows ALPC Elevation of Privilege Vulnerability - CVE-2022-23287</title> | ||
<affected family="windows"> | ||
<platform>Microsoft Windows 10</platform> | ||
<platform>Microsoft Windows 11</platform> | ||
<platform>Microsoft Windows Server 2016</platform> | ||
<platform>Microsoft Windows Server 2019</platform> | ||
<platform>Microsoft Windows Server 2022</platform> | ||
</affected> | ||
<reference ref_id="CVE-2022-23287" source="CVE" ref_url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23287" /> | ||
<reference ref_id="MSRC-CVE-2022-23287" source="Vendor Advisory" ref_url="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23287" /> | ||
<reference ref_id="KB5011491" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011491" /> | ||
<reference ref_id="KB5011495" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011495" /> | ||
<reference ref_id="KB5011503" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011503" /> | ||
<reference ref_id="KB5011485" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011485" /> | ||
<reference ref_id="KB5011487" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011487" /> | ||
<reference ref_id="KB5011497" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011497" /> | ||
<reference ref_id="KB5011493" source="Vendor Advisory" ref_url="https://support.microsoft.com/en-us/help/5011493" /> | ||
<description /> | ||
<oval_repository> | ||
<dates> | ||
<submitted date="2022-03-09T01:08:49"> | ||
<contributor organization="JovalCM.com">David Ries</contributor> | ||
</submitted> | ||
</dates> | ||
<status>INITIAL SUBMISSION</status> | ||
<min_schema_version>5.10</min_schema_version> | ||
</oval_repository> | ||
</metadata> | ||
<criteria operator="OR"> | ||
<criteria comment="Windows 10 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:380" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23524" comment="ntoskrnl.exe (10.x) version is less than 10.0.10240.19235" /> | ||
</criteria> | ||
<criteria comment="Windows 10 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:377" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23355" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.10240.19235" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23524" comment="ntoskrnl.exe (10.x) version is less than 10.0.10240.19235" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2016 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2016 is installed" definition_ref="oval:org.cisecurity:def:1269" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23348" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.14393.5006" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23212" comment="ntoskrnl.exe (10.x) version is less than 10.0.14393.5006" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1607 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1607 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:1377" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23212" comment="ntoskrnl.exe (10.x) version is less than 10.0.14393.5006" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1607 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1607 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:1379" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23348" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.14393.5006" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23212" comment="ntoskrnl.exe (10.x) version is less than 10.0.14393.5006" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2016 (Server Core installation) is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2016 (Server Core installation) is installed" definition_ref="oval:org.cisecurity:def:3529" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23348" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.14393.5006" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23212" comment="ntoskrnl.exe (10.x) version is less than 10.0.14393.5006" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1809 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:5824" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23399" comment="win32kfull.sys (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1809 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1809 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:5821" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23323" comment="win32kfull.sys (32-bit) (10.x) version is less than 10.0.17763.2686" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23399" comment="win32kfull.sys (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows Server 2019 is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows Server 2019 is installed" definition_ref="oval:org.cisecurity:def:5761" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23323" comment="win32kfull.sys (32-bit) (10.x) version is less than 10.0.17763.2686" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23399" comment="win32kfull.sys (10.x) version is less than 10.0.17763.2686" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for 32-bit Systems is installed" definition_ref="oval:org.cisecurity:def:7269" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23174" comment="ntoskrnl.exe (10.x) version is less than 10.0.18362.2158" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 1909 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition comment="Windows 10 Version 1909 for x64-based Systems is installed" definition_ref="oval:org.cisecurity:def:7268" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23396" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.18362.2158" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23174" comment="ntoskrnl.exe (10.x) version is less than 10.0.18362.2158" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9219" comment="Microsoft Windows 10 Version 20H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23549" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 20H2 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9217" comment="Microsoft Windows 10 Version 20H2 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H1 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9242" comment="Microsoft Windows 10 Version 21H1 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23549" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H1 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9218" comment="Microsoft Windows 10 Version 21H1 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows Server 2022 is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9211" comment="Microsoft Windows Server 2022 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23365" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.20348.587" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23406" comment="ntoskrnl.exe (10.x) version is less than 10.0.20348.587" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 11 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9224" comment="Microsoft Windows 11 Version 21H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23282" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.22000.556" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23128" comment="ntoskrnl.exe (10.x) version is less than 10.0.22000.556" /> | ||
</criteria> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H2 for 32-bit Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9216" comment="Microsoft Windows 10 Version 21H2 (x86) is installed" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
<criteria comment="Windows 10 Version 21H2 for x64-based Systems is vulnerable" operator="AND"> | ||
<extend_definition definition_ref="oval:org.cisecurity:def:9210" comment="Microsoft Windows 10 Version 21H2 (x64) is installed" /> | ||
<criteria operator="OR"> | ||
<criterion test_ref="oval:org.cisecurity:tst:23549" comment="ntoskrnl.exe (32-bit) (10.x) version is less than 10.0.19041.1586" /> | ||
<criterion test_ref="oval:org.cisecurity:tst:23523" comment="ntoskrnl.exe (10.x) version is less than 10.0.19041.1586" /> | ||
</criteria> | ||
</criteria> | ||
</criteria> | ||
</definition> |
Oops, something went wrong.