CVE-2024-49033

EPSS 3.84%
Veröffentlicht 12.11.2024 18:15:43
Zuletzt bearbeitet 16.11.2024 00:05:44
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Microsoft Word Security Feature Bypass Vulnerability

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ 365 Apps Version- SwEditionenterprise

Microsoft ≫ Office Version2019

Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatform-

Microsoft ≫ Office Long Term Servicing Channel Version2021 SwPlatformmacos

Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatform-

Microsoft ≫ Office Long Term Servicing Channel Version2024 SwPlatformmacos

Microsoft ≫ Word Version2016

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.84%	0.877

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49033

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-49033

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49033

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49033

EUVD