CVE-2024-30103

EPSS 14.96%
Veröffentlicht 11.06.2024 17:15:59
Zuletzt bearbeitet 21.11.2024 09:11:16
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Microsoft Outlook Remote Code Execution Vulnerability

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ 365 Apps Version- SwEditionenterprise HwPlatformx64

Microsoft ≫ 365 Apps Version- SwEditionenterprise HwPlatformx86

Microsoft ≫ Office Version2019 HwPlatformx64

Microsoft ≫ Office Version2019 HwPlatformx86

Microsoft ≫ Office Version2021 SwEditionltsc HwPlatformx64

Microsoft ≫ Office Version2021 SwEditionltsc HwPlatformx86

Microsoft ≫ Outlook Version2016 HwPlatformx64

Microsoft ≫ Outlook Version2016 HwPlatformx86

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	14.96%	0.943

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-184 Incomplete List of Disallowed Inputs

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30103

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-30103

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-30103

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-30103

EUVD