CVE-2018-8558
Summary
| CVE | CVE-2018-8558 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-11-14 01:29:00 UTC |
| Updated | 2018-12-14 20:28:00 UTC |
| Description | An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8579. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Office | 2019 | All | All | All |
| Application | Microsoft | Office | 2019 | All | All | All |
| Application | Microsoft | Office 365 Proplus | - | All | All | All |
| Application | Microsoft | Office 365 Proplus | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Outlook CVE-2018-8558 Information Disclosure Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8558 | CONFIRM | portal.msrc.microsoft.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.