5.5

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExcel Version2010 Updatesp2
MicrosoftExcel Version2013 Updatesp1
MicrosoftExcel Version2013 Updatesp1 SwEditionrt
MicrosoftExcel Version2016
MicrosoftExcel Version2016 SwPlatformmacos
MicrosoftOffice Version2010 Updatesp2
MicrosoftOffice Version2013 Updatesp1
MicrosoftOffice Version2013 Updatesp1 SwEditionrt
MicrosoftOffice Version2016
MicrosoftOffice Version2019
MicrosoftOffice Version2019 SwPlatformmacos
MicrosoftOffice 365 Version- SwEditionproplus
MicrosoftSharepoint Enterprise Server Version2013 Updatesp1
MicrosoftExcel Services Version-
   MicrosoftSharepoint Server Version2010 Updatesp2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.48% 0.92
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.