CVE-2024-21315 (CNNVD-202402-1091)
中文标题:
Microsoft Defender 安全漏洞
英文标题:
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
漏洞描述
中文描述:
Microsoft Defender是美国微软(Microsoft)公司的一款威胁防护软件。 Microsoft Defender for Endpoint存在安全漏洞。以下产品和版本受到影响:Microsoft Defender for Endpoint for Windows for Windows 10 Version 1809 for 32-bit Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 1809 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 1809 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows Server 2019,Microsoft Defender for Endpoint for Windows for Windows Server 2019 (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows Server 2022,Microsoft Defender for Endpoint for Windows for Windows Server 2022 (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows 11 version 21H2 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 11 version 21H2 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 21H2 for 32-bit Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 21H2 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 21H2 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 for 32-bit Systems,Microsoft Defender for Endpoint for Windows for Windows 10 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 1607 for 32-bit Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 1607 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows Server 2016,Microsoft Defender for Endpoint for Windows for Windows Server 2012 (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows Server 2016 (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows Server 2012 R2,Microsoft Defender for Endpoint for Windows for Windows Server 2012 R2 (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows 11 Version 23H2 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 11 Version 22H2 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 22H2 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 22H2 for ARM64-based Systems,Microsoft Defender for Endpoint for Windows for Windows Server 2022, 23H2 Edition (Server Core installation),Microsoft Defender for Endpoint for Windows for Windows 11 Version 23H2 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 11 Version 22H2 for x64-based Systems,Microsoft Defender for Endpoint for Windows for Windows 10 Version 22H2 for 32-bit Systems,Microsoft Defender for Endpoint for Windows for Windows Server 2012。
英文描述:
NOT_EXTRACTED
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Microsoft | Microsoft Defender for Endpoint for Windows | - | < 10.0.17763.5122 | - |
cpe:2.3:a:microsoft:microsoft_defender_for_endpoint_for_windows:*:*:*:*:*:*:*:*
|
| microsoft | defender_for_endpoint | * | - | - |
cpe:2.3:a:microsoft:defender_for_endpoint:*:*:*:*:*:windows:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
CVSS评分详情
3.1 (cna)
HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2024-21315 |
2025-11-11 15:22:24 | 2025-11-11 07:39:05 |
| NVD | nvd_CVE-2024-21315 |
2025-11-11 14:59:45 | 2025-11-11 07:47:06 |
| CNNVD | cnnvd_CNNVD-202402-1091 |
2025-11-11 15:11:28 | 2025-11-11 07:58:29 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202402-1091
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 1 -> 2
- data_sources: ['cve'] -> ['cve', 'nvd']