Lucene search
MicrosoftCVELIST:CVE-2023-35311HistoryJul 11, 2023 - 5:03 p.m.
CVE-2023-35311 Microsoft Outlook Security Feature Bypass Vulnerability
2023-07-1117:03:27
CWE-367
microsoft
www.cve.org
microsoft outlook security bypass vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
8.9 High
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.4%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft 365 Apps for Enterprise",
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "19.0.0",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Outlook 2016",
"cpes": [
"cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:x86:*:*",
"cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:x64:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0.0",
"lessThan": "16.0.5404.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Outlook 2013",
"cpes": [
"cpe:2.3:a:microsoft:outlook:2013:-:-:*:-:-:x86:*",
"cpe:2.3:a:microsoft:outlook:2013:-:-:*:-:-:x64:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "14.0.0",
"lessThan": "15.0.5571.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Outlook 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:outlook:2013:*:*:*:rt:*:*:*"
],
"platforms": [
"ARM64-based Systems"
],
"versions": [
{
"version": "15.0.0.0",
"lessThan": "15.0.5571.1000",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Security feature bypass
2023-07-11 18:15:00
mscve
mscve
Microsoft Outlook Security Feature Bypass Vulnerability
2023-07-11 07:00:00
cisa_kev
cisa_kev
Microsoft Outlook Security Feature Bypass Vulnerability
2023-07-11 00:00:00
attackerkb
attackerkb
CVE-2023-35311
2023-07-11 00:00:00
nvd
nvd
CVE-2023-35311
2023-07-11 18:15:17
cve
cve
CVE-2023-35311
2023-07-11 18:15:17
openvas
openvas
Microsoft Outlook 2013 Service Pack 1 Multiple Vulnerabilities (KB5002432)
2023-07-12 00:00:00
Microsoft Outlook 2016 Multiple Vulnerabilities (KB5002427)
2023-07-12 00:00:00
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Jul 2023)
2023-07-12 00:00:00
nessus
nessus
Security Updates for Outlook C2R Multiple Vulnerabilities (July 2023)
2023-07-12 00:00:00
Security Updates for Outlook (July 2023)
2023-07-11 00:00:00
mskb
mskb
thn
thn
krebs
krebs
Apple & Microsoft Patch Tuesday, July 2023 Edition
2023-07-11 22:55:07
malwarebytes
malwarebytes
Update now! Microsoft patches a whopping 130 vulnerabilities
2023-07-12 03:00:00
qualysblog
qualysblog
Evaluate Your Windows Endpoints for Storm-0978 Activity With Qualys Endpoint Security
2023-07-14 20:55:16
Microsoft and Adobe Patch Tuesday, July 2023 Security Update Review
2023-07-11 20:30:33
talosblog
talosblog
kaspersky
kaspersky
KLA50773 Multiple vulnerabilities in Microsoft Office
2023-07-11 00:00:00
avleonov
avleonov
rapid7blog
rapid7blog
Patch Tuesday - July 2023
2023-07-11 21:50:34
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
8.9 High
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.4%
Related for CVELIST:CVE-2023-35311