9.3
CVE-2020-1449
- EPSS 14.77%
- Published 14.07.2020 23:15:20
- Last modified 21.11.2024 05:10:34
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Project 2016 Version- HwPlatformx64
Microsoft ≫ Project 2016 Version- HwPlatformx86
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 14.77% | 0.942 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-346 Origin Validation Error
The product does not properly verify that the source of data or communication is valid.