CVE-2023-28247

HIGH

Windows Server 2012, 2016, 2019, 2022 - Information Disclosure via Network File System Integer Underflow

Title source: llm

Windows Network File System Information Disclosure Vulnerability

Core 1

Core References

Patch, Vendor Advisory vendor-advisory

CVSS v3 7.5

EPSS 0.0159

EPSS Percentile 72.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

CWE

CWE-191

Status published

Products (5)

microsoft/windows_server_2012

microsoft/windows_server_2012 r2

microsoft/windows_server_2016

microsoft/windows_server_2019

microsoft/windows_server_2022

Published Apr 11, 2023

Tracked Since Feb 18, 2026