1. CVE-Search
  2. CVE-2018-8627
ID CVE-2018-8627
Summary An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
  • cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os_x:*:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os_x:*:*
  • cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
  • cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-908
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
refmap via4
bid 106120
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8627
Last major update 24-08-2020 - 17:37
Published 12-12-2018 - 00:29
Last modified 24-08-2020 - 17:37
Back to Top