6.7

CVE-2024-38173

Microsoft Outlook Remote Code Execution Vulnerability

Data is provided by the National Vulnerability Database (NVD)
Microsoft365 Apps Version-
MicrosoftOffice Version2019
MicrosoftOutlook Version2016
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.49% 0.646
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secure@microsoft.com 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CWE-73 External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.