Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
EPSS Score
1.17%
78.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Office for Android | 16.0.1 |
| Microsoft | Microsoft SharePoint Server Subscription Edition | 16.0.0 |
| microsoft | sharepoint_server | 15.0.0, 16.0.0, 16.0.0 |
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | 16.0.0 |
| Microsoft | Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | 15.0.0 |
| microsoft | sharepoint_foundation | 15.0.0 |
| Microsoft | Microsoft SharePoint Server 2019 | 16.0.0 |
| Microsoft | Microsoft SharePoint Foundation 2013 Service Pack 1 | 15.0.0 |
| microsoft | office | 16.0.16026.20172, 16.0.1, 16.0.16026.20172 |
Timeline
- Mar 14, 2023 CVE Published
- Mar 15, 2023 EPSS Score
- Mar 15, 2023 PoC Published
- Mar 15, 2023 PoC Published
- Mar 16, 2023 PoC Published
- Mar 23, 2023 PoC Published
- Mar 25, 2023 PoC Published
- Apr 22, 2023 EPSS Score
- May 30, 2023 EPSS Score
- Jul 14, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Aug 14, 2023 EPSS Score
References
- Office for Android Spoofing Vulnerability vendor-advisory
- https://msrc.microsoft.com/update-guide/ advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-23391 advisory
- Microsoft SharePoint Server Spoofing Vulnerability vendor-advisory