the Kenna Security vulnerability scanner is reporting the CVEs below on a 2012 R2 domain controller but i am unable to find a patch or any documentation that reflects this
CVE-2022-22711(Windows BitLocker Information Disclosure Vulnerability)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22711
Available patches are only for server 2016 and later
CVE-2022-29131 (Windows LDAP Remote Code Execution Vulnerability)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29131
Available patches are only for server 2019 and later
security update guide page is reporting the same https://msrc.microsoft.com/update-guide/
just trying to confirm before sending something to Kenna Security that these two CVEs do not apply