8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.317 Low
EPSS
Percentile
96.9%
09/11/2018
Critical
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities:
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Enterprise Server 2016
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2018-8426
CVE-2018-8331
CVE-2018-8332
CVE-2018-8430
CVE-2018-8429
CVE-2018-8474
CVE-2018-8428
CVE-2018-8431
ACE
CVE-2018-83329.3Critical
CVE-2018-84263.5Warning
CVE-2018-83319.3Critical
CVE-2018-84309.3Critical
CVE-2018-84294.3Warning
CVE-2018-84745.0Warning
CVE-2018-84283.5Warning
CVE-2018-84313.5Warning
4032246
4227175
4092447
4092466
4092459
4092479
4092460
4092470
4092467
4022207
Public exploits exist for this vulnerability.
support.microsoft.com/kb/4022207
support.microsoft.com/kb/4032246
support.microsoft.com/kb/4092447
support.microsoft.com/kb/4092459
support.microsoft.com/kb/4092460
support.microsoft.com/kb/4092466
support.microsoft.com/kb/4092467
support.microsoft.com/kb/4092470
support.microsoft.com/kb/4092479
support.microsoft.com/kb/4227175
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8331
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8332
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8426
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8430
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8431
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8474
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8331
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8332
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8426
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8428
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8429
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8430
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8431
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8474
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.317 Low
EPSS
Percentile
96.9%