CVE-2024-49033

EPSS 3.84%
Published 12.11.2024 18:15:43
Last modified 16.11.2024 00:05:44
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Word Security Feature Bypass Vulnerability

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ 365 Apps Version- SwEditionenterprise

Microsoft ≫ Office Version2019

Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatform-

Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatformmacos

Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatform-

Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatformmacos

Microsoft ≫ Word Version2016

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.84%	0.877

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
secure@microsoft.com	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49033

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-49033

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49033

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49033

EUVD