CVE-2021-28313

Summary

CVE	CVE-2021-28313
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-04-13 20:15:00 UTC
Updated	2023-12-29 20:16:00 UTC
Description	Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-28321, CVE-2021-28322.

Risk And Classification

Problem Types: CWE-269

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Microsoft	Visual Studio	2015	update3	All	All
Application	Microsoft	Visual Studio 2017	All	All	All	All
Application	Microsoft	Visual Studio 2019	All	All	All	All
Application	Microsoft	Visual Studio 2019	All	All	All	All
Operating System	Microsoft	Windows 10	1803	All	All	All
Operating System	Microsoft	Windows 10	1809	All	All	All
Operating System	Microsoft	Windows 10	1909	All	All	All
Operating System	Microsoft	Windows 10	2004	All	All	All
Operating System	Microsoft	Windows 10	20h2	All	All	All
Operating System	Microsoft	Windows Server 2016	1909	All	All	All
Operating System	Microsoft	Windows Server 2016	2004	All	All	All
Operating System	Microsoft	Windows Server 2016	20h2	All	All	All
Operating System	Microsoft	Windows Server 2019	-	All	All	All

References

Reference	Source	Link	Tags
Microsoft DiagHub Privilege Escalation ≈ Packet Storm	MISC	packetstormsecurity.com
Full Disclosure: CVE-2021-28321-CVE-2021-28323: elevation of privileges in Microsoft Diaghub	FULLDISC	seclists.org
Security Update Guide - Microsoft Security Response Center	MISC	portal.msrc.microsoft.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

91758 Microsoft Windows Security Update for April 2021