7.8
CVE-2025-21361
- EPSS 0.52%
- Veröffentlicht 14.01.2025 18:16:01
- Zuletzt bearbeitet 17.01.2025 20:39:49
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
LoginMicrosoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.664 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-641 Improper Restriction of Names for Files and Other Resources
The product constructs the name of a file or other resource using input from an upstream component, but it does not restrict or incorrectly restricts the resulting name.