What is the severity of CVE-2023-36398?

The severity of CVE-2023-36398 is high with a severity value of 6.5.

How does CVE-2023-36398 affect Windows Server 2016?

CVE-2023-36398 affects Windows Server 2016 and requires applying the patch KB5032197.

How does CVE-2023-36398 affect Windows 11?

CVE-2023-36398 affects Windows 11, specifically the 23H2 version, and requires applying the patch KB5032190.

How does CVE-2023-36398 affect Windows Server 2012 R2?

CVE-2023-36398 affects Windows Server 2012 R2 and requires applying the patch KB5032249.

How does CVE-2023-36398 affect Windows 10?

CVE-2023-36398 affects Windows 10, specifically the 1607 version for x86 architecture, and requires applying the patch KB5032197.

Vulnerability/
CVE-2023-36398

medium

6.5

CWE

908

14/11/2023

4/6/2024

CVE-2023-36398: Windows NTFS Information Disclosure Vulnerability

First published: Tue Nov 14 2023(Updated: )

Windows NTFS Information Disclosure Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows Server 2022, 23H2 Edition		fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 11	=23H2	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows 11	=21H2	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows Server 2019		fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows 10	=1607	fix available externally
Microsoft Windows 10		fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows Server 2022		fix available externally fix available externally
Microsoft Windows Server 2012 R2		fix available externally
Microsoft Windows 10	=22H2	fix available externally
Microsoft Windows Server 2012		fix available externally
Microsoft Windows 10	=1809	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows 10	=21H2	fix available externally
Microsoft Windows 11	=22H2	fix available externally
Microsoft Windows Server 2012		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows Server 2016		fix available externally
Microsoft Windows 10 1507	<10.0.10240.20308
Microsoft Windows 10 1507	<10.0.10240.20308
Microsoft Windows 10 1607	<10.0.14393.6452
Microsoft Windows 10 1607	<10.0.14393.6452
Microsoft Windows 10 1809	<10.0.17763.5122
Microsoft Windows 10 1809	<10.0.17763.5122
Microsoft Windows 10 1809	<10.0.17763.5122
Microsoft Windows 10 21h2	<10.0.19041.3693
Microsoft Windows 10 21h2	<10.0.19041.3693
Microsoft Windows 10 21h2	<10.0.19041.3693
Microsoft Windows 10 22h2	<10.0.19045.3693
Microsoft Windows 10 22h2	<10.0.19045.3693
Microsoft Windows 10 22h2	<10.0.19045.3693
Microsoft Windows 11 21h2	<10.0.22000.2600
Microsoft Windows 11 21h2	<10.0.22000.2600
Microsoft Windows 11 22h2	<10.0.22621.2715
Microsoft Windows 11 22h2	<10.0.22621.2715
Microsoft Windows 11 23h2	<10.0.22621.2715
Microsoft Windows 11 23h2	<10.0.22621.2715
Microsoft Windows Server 2012
Microsoft Windows Server 2012	=r2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36398 (Advisory)

Frequently Asked Questions

What is the severity of CVE-2023-36398?
The severity of CVE-2023-36398 is high with a severity value of 6.5.
How does CVE-2023-36398 affect Windows Server 2016?
CVE-2023-36398 affects Windows Server 2016 and requires applying the patch KB5032197.
How does CVE-2023-36398 affect Windows 11?
CVE-2023-36398 affects Windows 11, specifically the 23H2 version, and requires applying the patch KB5032190.
How does CVE-2023-36398 affect Windows Server 2012 R2?
CVE-2023-36398 affects Windows Server 2012 R2 and requires applying the patch KB5032249.
How does CVE-2023-36398 affect Windows 10?
CVE-2023-36398 affects Windows 10, specifically the 1607 version for x86 architecture, and requires applying the patch KB5032197.

collector/msrc
agent/type
agent/first-publish-date
source/Microsoft
collector/msrc-cve
agent/references
agent/title
agent/remedy
agent/author
agent/severity
agent/description
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/event
collector/nvd-api
source/NVD
agent/last-modified-date
agent/weakness
agent/tags
vendor/microsoft
canonical/microsoft windows server 2022, 23h2 edition
canonical/microsoft windows 11
version/microsoft windows 11/23h2
version/microsoft windows 11/21h2
canonical/microsoft windows server 2012 r2
canonical/microsoft windows 10
version/microsoft windows 10/21h2
version/microsoft windows 10/22h2
version/microsoft windows 10/1607
canonical/microsoft windows server 2019
version/microsoft windows 10/1809
canonical/microsoft windows server 2022
canonical/microsoft windows server 2012
version/microsoft windows 11/22h2
canonical/microsoft windows server 2016
canonical/microsoft windows 10 1507
canonical/microsoft windows 10 1607
canonical/microsoft windows 10 1809
canonical/microsoft windows 10 21h2
canonical/microsoft windows 10 22h2
canonical/microsoft windows 11 21h2
canonical/microsoft windows 11 22h2
canonical/microsoft windows 11 23h2
version/microsoft windows server 2012/r2