ghsa-9635-5wrr-hhvf
Vulnerability from github
Published
2022-05-13 01:53
Modified
2022-05-13 01:53
Severity
5.4 (Medium) - CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Details

An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2018-8247"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-14T12:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka \"Microsoft Office Elevation of Privilege Vulnerability.\" This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245.",
  "id": "GHSA-9635-5wrr-hhvf",
  "modified": "2022-05-13T01:53:36Z",
  "published": "2022-05-13T01:53:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8247"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8247"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104319"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041104"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.