Office

Description

Product names

office, Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office 2016, Microsoft Office 2013 Service Pack 1, Microsoft Office LTSC 2021, Microsoft Office Online Server, Microsoft Office 2019 for Mac, Microsoft Office, Microsoft Word 2016

CVE-2021-40471 (GCVE-0-2021-40471)

Vulnerability from – Published: 2021-10-13 00:27 – Updated: 2024-08-04 02:44
VLAI?
Title
Microsoft Excel Remote Code Execution Vulnerability
Summary
Microsoft Excel Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40471"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Excel Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:28.456Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40471"
        }
      ],
      "title": "Microsoft Excel Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40471",
    "datePublished": "2021-10-13T00:27:14",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.480Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40454 (GCVE-0-2021-40454)

Vulnerability from – Published: 2021-10-13 00:26 – Updated: 2024-08-04 02:44
VLAI?
Title
Rich Text Edit Control Information Disclosure Vulnerability
Summary
Rich Text Edit Control Information Disclosure Vulnerability
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
CWE
  • Information Disclosure
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server 2019 Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.0 , < 10.0.17763.2237 (custom)
    cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1909 Affected: 10.0.0 , < 10.0.18363.1854 (custom)
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 21H1 Affected: 10.0.0 , < 10.0.19043.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*
    cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*
 Create a notification for this product.
    Microsoft Windows Server 2022 Affected: 10.0.0 , < 10.0.20348.288 (custom)
    cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server version 2004 Affected: 10.0.0 , < 10.0.19041.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows Server version 20H2 Affected: 10.0.0 , < 10.0.19042.1288 (custom)
    cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22000.258 (custom)
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1507 Affected: 10.0.0 , < 10.0.10240.19086 (custom)
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows 10 Version 1607 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2016 Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2016 (Server Core installation) Affected: 10.0.0 , < 10.0.14393.4704 (custom)
    cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows 8.1 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*
    cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*
    cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Windows Server 2012 Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 (Server Core installation) Affected: 6.2.0 , < 6.2.9200.23490 (custom)
    cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Windows Server 2012 R2 (Server Core installation) Affected: 6.3.0 , < 6.3.9600.20144 (custom)
    cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2016 Affected: 16.0.0 , < 16.0.5227.1000 (custom)
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5389.1000 (custom)
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.54.21101001 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2237:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.2237",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1854:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.1854:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1909",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.18363.1854",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:arm64:*",
            "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1288:*:*:*:*:*:x86:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 21H1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19043.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1288:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 2004",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19041.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1288:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1288:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.1288",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.258:*:*:*:*:*:arm64:*"
          ],
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22000.258",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19086:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1507",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.10240.19086",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4704:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1607",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4704:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2016 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.14393.4704",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x86:*",
            "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20144:*:*:*:*:*:x64:*",
            "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20144:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 8.1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23490:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.2.9200.23490",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20144:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2012 R2 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "6.3.9600.20144",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5227.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5389.1000",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.54.21101001",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-10-12T07:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Rich Text Edit Control Information Disclosure Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:52:11.532Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"
        }
      ],
      "title": "Rich Text Edit Control Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40454",
    "datePublished": "2021-10-13T00:26:50",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40442 (GCVE-0-2021-40442)

Vulnerability from – Published: 2021-11-10 00:46 – Updated: 2024-08-04 02:44
VLAI?
Title
Microsoft Excel Remote Code Execution Vulnerability
Summary
Microsoft Excel Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.55.21111400 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft Office Online Server Affected: 16.0.1 , < 16.0.10380.20000 (custom)
    cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.55.21111400 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Excel 2016 Affected: 16.0.0.0 , < 16.0.5239.1001 (custom)
    cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Excel 2013 Service Pack 1 Affected: 15.0.0.0 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office Web Apps Server 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.509Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40442"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.55.21111400",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office Online Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10380.20000",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.55.21111400",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Excel 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5239.1001",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Excel 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office Web Apps Server 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-11-09T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Excel Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:47:52.449Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40442"
        }
      ],
      "title": "Microsoft Excel Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40442",
    "datePublished": "2021-11-10T00:46:31",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40442 (GCVE-0-2021-40442)

Vulnerability from – Published: 2021-11-10 00:46 – Updated: 2024-08-04 02:44
VLAI?
Title
Microsoft Excel Remote Code Execution Vulnerability
Summary
Microsoft Excel Remote Code Execution Vulnerability
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CWE
  • Remote Code Execution
Assigner
References
Impacted products
Vendor Product Version
Microsoft Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Affected: 15.0.0 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 Affected: 19.0.0 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office 2019 for Mac Affected: 16.0.0 , < 16.55.21111400 (custom)
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft Office Online Server Affected: 16.0.1 , < 16.0.10380.20000 (custom)
    cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft 365 Apps for Enterprise Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC for Mac 2021 Affected: 16.0.1 , < 16.55.21111400 (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*
 Create a notification for this product.
    Microsoft Microsoft Office LTSC 2021 Affected: 16.0.1 , < https://aka.ms/OfficeSecurityReleases (custom)
    cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*
 Create a notification for this product.
    Microsoft Microsoft Excel 2016 Affected: 16.0.0.0 , < 16.0.5239.1001 (custom)
    cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Excel 2013 Service Pack 1 Affected: 15.0.0.0 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*
    cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*
 Create a notification for this product.
    Microsoft Microsoft Office Web Apps Server 2013 Service Pack 1 Affected: 15.0.1 , < 15.0.5397.1001 (custom)
    cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:44:10.509Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40442"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Office 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "19.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office 2019 for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.55.21111400",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office Online Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10380.20000",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft 365 Apps for Enterprise",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office LTSC for Mac 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.55.21111400",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems",
            "32-bit Systems"
          ],
          "product": "Microsoft Office LTSC 2021",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "https://aka.ms/OfficeSecurityReleases",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*"
          ],
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Excel 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5239.1001",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*",
            "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*"
          ],
          "platforms": [
            "ARM64-based Systems",
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Microsoft Excel 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*"
          ],
          "platforms": [
            "Unknown"
          ],
          "product": "Microsoft Office Web Apps Server 2013 Service Pack 1",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.0.5397.1001",
              "status": "affected",
              "version": "15.0.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-11-09T08:00:00+00:00",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Excel Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:47:52.449Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40442"
        }
      ],
      "title": "Microsoft Excel Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-40442",
    "datePublished": "2021-11-10T00:46:31",
    "dateReserved": "2021-09-02T00:00:00",
    "dateUpdated": "2024-08-04T02:44:10.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

displaying 2471 - 2480 organizations in total 2658