CVE-2021-43896: Microsoft PowerShell Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.5)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Dec

Released

2021-12-14

Last Updated

2021-12-24

EPSS Score

4.30% (percentile: 88.9%)

Affected Products (5)

Mariner

• CBL Mariner 2.0 x64
• CBL Mariner 2.0 ARM
• CBL Mariner 1.0 x64
• CBL Mariner 1.0 ARM

Developer Tools

• PowerShell 7.2

Security Updates (1)

• Release Notes

Acknowledgments

<a href=https://github.com/ylemkimon>Young Min Kim</a> of CompSec Lab at Seoul National University

Revision History

• 2021-12-14: Information published.
• 2021-12-24: Information published.