PT-2022-3140 · Microsoft · Windows Desired State Configuration+1

Published

2022-05-03

Updated

2025-01-02

CVE-2022-30148

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Windows Desired State Configuration (DSC) (affected versions not specified)

Description The issue is related to a lack of protection for service data in the Windows Desired State Configuration (DSC) service. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information. It enables attackers to obtain sensitive information and affect the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-532

Related Identifiers

BDU:2022-03819

CVE-2022-30148

Affected Products

Windows

Windows Desired State Configuration

PT-2022-3140 · Microsoft · Windows Desired State Configuration+1

CVE-2022-30148

Weakness Enumeration

Related Identifiers

Affected Products

References · 11