Office

Description

Product names

office, Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office 2016, Microsoft Office 2013 Service Pack 1, Microsoft Office LTSC 2021, Microsoft Office Online Server, Microsoft Office 2019 for Mac, Microsoft Office, Microsoft Word 2016

CVE-2020-17063 (GCVE-0-2020-17063)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Online Spoofing Vulnerability
Summary
Microsoft Office Online Spoofing Vulnerability
Severity ?
6.8 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
CWE
  • Spoofing
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17063"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Online Spoofing Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Spoofing",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.682Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17063"
        }
      ],
      "title": "Microsoft Office Online Spoofing Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17063",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17062 (GCVE-0-2020-17062)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Summary
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.086Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
        }
      ],
      "title": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17062",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17062 (GCVE-0-2020-17062)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Summary
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.086Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
        }
      ],
      "title": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17062",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17062 (GCVE-0-2020-17062)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Summary
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.086Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
        }
      ],
      "title": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17062",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17062 (GCVE-0-2020-17062)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Summary
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.086Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
        }
      ],
      "title": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17062",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17062 (GCVE-0-2020-17062)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:52
VLAI?
Title
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Summary
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:53:16.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:52:01.086Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17062"
        }
      ],
      "title": "Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17062",
    "datePublished": "2020-11-11T06:48:23",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:52:01.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17020 (GCVE-0-2020-17020)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
VLAI?
Title
Microsoft Word Security Feature Bypass Vulnerability
Summary
Microsoft Word Security Feature Bypass Vulnerability
Severity ?
3.3 (Low)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CWE
  • Security Feature Bypass
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Word Security Feature Bypass Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Feature Bypass",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:51:13.553Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
        }
      ],
      "title": "Microsoft Word Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17020",
    "datePublished": "2020-11-11T06:48:06",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:51:13.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17020 (GCVE-0-2020-17020)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
VLAI?
Title
Microsoft Word Security Feature Bypass Vulnerability
Summary
Microsoft Word Security Feature Bypass Vulnerability
Severity ?
3.3 (Low)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CWE
  • Security Feature Bypass
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Word Security Feature Bypass Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Feature Bypass",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:51:13.553Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
        }
      ],
      "title": "Microsoft Word Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17020",
    "datePublished": "2020-11-11T06:48:06",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:51:13.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17020 (GCVE-0-2020-17020)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
VLAI?
Title
Microsoft Word Security Feature Bypass Vulnerability
Summary
Microsoft Word Security Feature Bypass Vulnerability
Severity ?
3.3 (Low)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CWE
  • Security Feature Bypass
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Word Security Feature Bypass Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Feature Bypass",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:51:13.553Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
        }
      ],
      "title": "Microsoft Word Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17020",
    "datePublished": "2020-11-11T06:48:06",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:51:13.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-17020 (GCVE-0-2020-17020)

Vulnerability from – Published: 2020-11-11 06:48 – Updated: 2024-09-10 15:51
VLAI?
Title
Microsoft Word Security Feature Bypass Vulnerability
Summary
Microsoft Word Security Feature Bypass Vulnerability
Severity ?
3.3 (Low)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
CWE
  • Security Feature Bypass
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2016 Affected: 16.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2010 Service Pack 2 Affected: 13.0.0.0 , < publication (custom)
    cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Word 2013 Service Pack 1 Affected: 15.0.1 , < publication (custom)
    cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:45:34.847Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2010 Service Pack 2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "13.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Word 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "publication",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Word Security Feature Bypass Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Security Feature Bypass",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T15:51:13.553Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17020"
        }
      ],
      "title": "Microsoft Word Security Feature Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-17020",
    "datePublished": "2020-11-11T06:48:06",
    "dateReserved": "2020-08-04T00:00:00",
    "dateUpdated": "2024-09-10T15:51:13.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

displaying 1591 - 1600 organizations in total 2701