CVE-2022-29140: 
vulnerability analysis and mitigation

Windows Print Spooler Information Disclosure Vulnerability (CVE-2022-29140) was disclosed and patched by Microsoft in May 2022. This vulnerability is one of several Print Spooler-related security issues that affected various versions of Windows operating systems. The vulnerability is unique from CVE-2022-29114 and was part of a broader set of Print Spooler vulnerabilities that Microsoft addressed (SecurityWeek).

The vulnerability has been assigned a CVSS 3.1 Base Score of 5.5 (MEDIUM) with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. Under CVSS 2.0, it received a Base Score of 2.1 (LOW) with the vector (AV:L/AC:L/Au:N/C:P/I:N/A:N). The vulnerability specifically affects the Windows Print Spooler service and could lead to information disclosure (NVD).

The vulnerability could allow an attacker to obtain unauthorized access to sensitive information through the Windows Print Spooler service. The impact is primarily focused on confidentiality, with no direct impact on system integrity or availability as indicated by the CVSS scoring (NVD).

Microsoft has released security patches to address this vulnerability. The fix was included in Microsoft's regular security updates, and affected users are advised to apply the relevant patches to their systems (Microsoft).