CVE-2023-23398
Published on: Not Yet Published
Last Modified on: 08/01/2023 10:07:54 PM UTC
Certain versions of 365 Apps from Microsoft contain the following vulnerability:
Microsoft Excel Spoofing Vulnerability
- CVE-2023-23398 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: Microsoft - Microsoft Office 2019 version < https://aka.ms/OfficeSecurityReleases
- Affected Vendor/Software: Microsoft - Microsoft 365 Apps for Enterprise version < https://aka.ms/OfficeSecurityReleases
- Affected Vendor/Software: Microsoft - Microsoft Office LTSC 2021 version < https://aka.ms/OfficeSecurityReleases
- Affected Vendor/Software: Microsoft - Microsoft Excel 2016 version < 16.0.5387.1000
- Affected Vendor/Software: Microsoft - Microsoft Excel 2013 Service Pack 1 version < 15.0.5537.1000
CVSS3 Score: 7.1 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Security Update Guide - Microsoft Security Response Center | msrc.microsoft.com text/html | MISC msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23398 |
Related QID Numbers
- 110430 Microsoft Office Security Update for March 2023
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Microsoft | 365 Apps | - | All | All | All |
Application | Microsoft | Excel | 2013 | sp1 | All | All |
Application | Microsoft | Excel | 2013 | sp1 | All | All |
Application | Microsoft | Excel | 2016 | All | All | All |
Application | Microsoft | Office | 2019 | All | All | All |
Application | Microsoft | Office | 2019 | All | All | All |
Application | Microsoft | Office | 2021 | All | All | All |
Application | Microsoft | Office | 2021 | All | All | All |
- cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*:
- cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*:
- cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*:
- cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*:
- cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*:
- cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|