Lucene search

[email protected]CVE-2021-42296

HistoryNov 10, 2021 - 1:19 a.m.

CVE-2021-42296

2021-11-1001:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2021-42296

microsoft word

remote code execution

vulnerability

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.072 Low

EPSS

Percentile

94.0%

JSON

Microsoft Word Remote Code Execution Vulnerability

VendorProductVersionCPE
microsoft365_apps16.0.1cpe:2.3:a:microsoft:365_apps:16.0.1:*:*:*:*:*:*:*
microsoftmicrosoft_office_ltsc_202116.0.1cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	365_apps	16.0.1	cpe:2.3:a:microsoft:365_apps:16.0.1:::::::*
microsoft	microsoft_office_ltsc_2021	16.0.1	cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:::::::*

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42296

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.072 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2021-42296

nessus1 prion1 mscve1 openvas1 kaspersky1