6.5
CVE-2023-24890
- EPSS 1.21%
- Veröffentlicht 14.03.2023 17:15:17
- Zuletzt bearbeitet 21.11.2024 07:48:43
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.21% | 0.643 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-1390 Weak Authentication
The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24890