Vulnerability · NVD
CVE-2022-27776
HIGH
HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data
EPSS
0.68%
above median
percentile 72.0%
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 (Server Core installation) 10.0.20348.825 Windows Server 2022 10.0.20348.825 Windows Server 2019 (Server Core installation) 10.0.17763.3165 Windows Server 2019 10.0.17763.3165 Windows 11 21H2 · 2021-H2 10.0.22000.795 Windows 10 21H2 · 2021-H2 10.0.19044.1826 Windows 10 21H1 · 2021-H1 10.0.19043.1826 Windows 10 20H2 · 2020-H2 10.0.19042.1826 Windows 10 1809 · 2018-09 10.0.17763.3165