Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-104
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans Microsoft Office. Elles permettent à un attaquant de provoquer une usurpation d'identité, une atteinte à la confidentialité des données et une exécution de code à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Microsoft | Office | Microsoft SharePoint Foundation 2013 Service Pack 1 | ||
Microsoft | Office | Microsoft Excel 2013 RT Service Pack 1 | ||
Microsoft | Office | Microsoft Office Web Apps Server 2013 Service Pack 1 | ||
Microsoft | Office | Microsoft Office 2019 pour éditions 32 bits | ||
Microsoft | Office | Microsoft Office 2019 pour Mac | ||
Microsoft | Office | Microsoft Office 2019 pour éditions 64 bits | ||
Microsoft | Office | Office Online Server | ||
Microsoft | Office | Microsoft Excel 2013 Service Pack 1 (éditions 64 bits) | ||
Microsoft | Office | Microsoft Excel 2016 (édition 32 bits) | ||
Microsoft | Office | Microsoft Excel 2010 Service Pack 2 (éditions 64 bits) | ||
Microsoft | Office | Microsoft Excel 2013 Service Pack 1 (éditions 32 bits) | ||
Microsoft | Office | Microsoft Office Online Server | ||
Microsoft | Office | Microsoft SharePoint Enterprise Server 2016 | ||
Microsoft | Office | Microsoft Excel 2010 Service Pack 2 (éditions 32 bits) | ||
Microsoft | Office | Microsoft Excel 2016 (édition 64 bits) | ||
Microsoft | Office | Microsoft SharePoint Server 2019 | ||
Microsoft | Office | Microsoft SharePoint Foundation 2010 Service Pack 2 |
References
Title | Publication Time | Tags | |||
---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Microsoft SharePoint Foundation 2013 Service Pack 1", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2013 RT Service Pack 1", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Office Web Apps Server 2013 Service Pack 1", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Office 2019 pour \u00e9ditions 32 bits", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Office 2019 pour Mac", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Office 2019 pour \u00e9ditions 64 bits", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Office Online Server", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2013 Service Pack 1 (\u00e9ditions 64 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2016 (\u00e9dition 32 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2010 Service Pack 2 (\u00e9ditions 64 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2013 Service Pack 1 (\u00e9ditions 32 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Office Online Server", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft SharePoint Enterprise Server 2016", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2010 Service Pack 2 (\u00e9ditions 32 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft Excel 2016 (\u00e9dition 64 bits)", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft SharePoint Server 2019", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } }, { "description": "Microsoft SharePoint Foundation 2010 Service Pack 2", "product": { "name": "Office", "vendor": { "name": "Microsoft", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2021-1726", "url": "https://www.cve.org/CVERecord?id=CVE-2021-1726" }, { "name": "CVE-2021-24068", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24068" }, { "name": "CVE-2021-24066", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24066" }, { "name": "CVE-2021-24071", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24071" }, { "name": "CVE-2021-24067", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24067" }, { "name": "CVE-2021-24069", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24069" }, { "name": "CVE-2021-24070", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24070" }, { "name": "CVE-2021-24072", "url": "https://www.cve.org/CVERecord?id=CVE-2021-24072" } ], "initial_release_date": "2021-02-10T00:00:00", "last_revision_date": "2021-02-10T00:00:00", "links": [], "reference": "CERTFR-2021-AVI-104", "revisions": [ { "description": "Version initiale", "revision_date": "2021-02-10T00:00:00.000000" } ], "risks": [ { "description": "Usurpation d\u0027identit\u00e9" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Office\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une usurpation d\u0027identit\u00e9, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une ex\u00e9cution de code \u00e0 distance.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 09 f\u00e9vrier 2021", "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance" } ] }
CVE-2021-24072 (GCVE-0-2021-24072)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft SharePoint Server Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft SharePoint Enterprise Server 2016 |
Version: 16.0.0 < publication cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.788Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Enterprise Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Foundation 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft SharePoint Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:32.355Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24072" } ], "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24072", "datePublished": "2021-02-25T23:01:37", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.788Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24067 (GCVE-0-2021-24067)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft Office Web Apps Server 2013 Service Pack 1 |
Version: 15.0.1 < publication cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.216Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24067" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office Web Apps Server 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*" ], "platforms": [ "Unknown" ], "product": "Office Online Server", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "https://aka.ms/OfficeSecurityReleases", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Office 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office 2019 for Mac", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office Online Server", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft 365 Apps for Enterprise", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Excel Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:29.862Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24067" } ], "title": "Microsoft Excel Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24067", "datePublished": "2021-02-25T23:01:33", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.216Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24070 (GCVE-0-2021-24070)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft Office Web Apps Server 2013 Service Pack 1 |
Version: 15.0.1 < publication cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:* |
||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.273Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24070" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office Web Apps Server 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*" ], "platforms": [ "Unknown" ], "product": "Office Online Server", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "https://aka.ms/OfficeSecurityReleases", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Office 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft 365 Apps for Enterprise", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Excel Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:31.368Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24070" } ], "title": "Microsoft Excel Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24070", "datePublished": "2021-02-25T23:01:35", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.273Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24068 (GCVE-0-2021-24068)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft Office Web Apps Server 2013 Service Pack 1 |
Version: 15.0.1 < publication cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.242Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24068" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office Web Apps Server 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Excel Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:30.360Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24068" } ], "title": "Microsoft Excel Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24068", "datePublished": "2021-02-25T23:01:34", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.242Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24071 (GCVE-0-2021-24071)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Microsoft SharePoint Information Disclosure Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft SharePoint Enterprise Server 2016 |
Version: 16.0.0 < publication cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:* |
|||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:18.256Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Enterprise Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:foundation:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft SharePoint Foundation 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Foundation 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft SharePoint Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:31.870Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24071" } ], "title": "Microsoft SharePoint Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24071", "datePublished": "2021-02-25T23:01:36", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:18.256Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-1726 (GCVE-0-2021-1726)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Spoofing
Summary
Microsoft SharePoint Server Spoofing Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft SharePoint Enterprise Server 2016 |
Version: 16.0.0 < publication cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:* |
|||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:18:11.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Enterprise Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:foundation:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft SharePoint Foundation 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Foundation 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft SharePoint Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:27.763Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726" } ], "title": "Microsoft SharePoint Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-1726", "datePublished": "2021-02-25T23:01:28", "dateReserved": "2020-12-02T00:00:00", "dateUpdated": "2024-08-03T16:18:11.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24069 (GCVE-0-2021-24069)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft Office Web Apps Server 2013 Service Pack 1 |
Version: 15.0.1 < publication cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24069" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office Web Apps Server 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*" ], "platforms": [ "Unknown" ], "product": "Office Online Server", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "https://aka.ms/OfficeSecurityReleases", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Office 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "19.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft Office 2019 for Mac", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft 365 Apps for Enterprise", "vendor": "Microsoft", "versions": [ { "lessThan": "https://aka.ms/OfficeSecurityReleases", "status": "affected", "version": "16.0.1", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*" ], "platforms": [ "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*" ], "platforms": [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems" ], "product": "Microsoft Excel 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Excel Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:30.861Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24069" } ], "title": "Microsoft Excel Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24069", "datePublished": "2021-02-25T23:01:35", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-24066 (GCVE-0-2021-24066)
Vulnerability from cvelistv5
Published
2021-02-25 23:01
Modified
2024-08-03 19:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
Microsoft SharePoint Remote Code Execution Vulnerability
References
URL | Tags | |
---|---|---|
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft | Microsoft SharePoint Enterprise Server 2016 |
Version: 16.0.0 < publication cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:* |
|||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:21:17.281Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Enterprise Server 2016", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Server 2019", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "16.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:foundation:*:*:*" ], "platforms": [ "Unknown" ], "product": "Microsoft SharePoint Foundation 2010 Service Pack 2", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "13.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft SharePoint Foundation 2013 Service Pack 1", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-02-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft SharePoint Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T22:33:29.351Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24066" } ], "title": "Microsoft SharePoint Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-24066", "datePublished": "2021-02-25T23:01:33", "dateReserved": "2021-01-13T00:00:00", "dateUpdated": "2024-08-03T19:21:17.281Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…