VDB
CVE-2023-23395
CVE-2023-23395
PUBLISHED
CVSS 3.0999999046325684 LOW
Microsoft Excel Denial of Service Vulnerability
EPSS 6.28% · 91.1th percentile
Risk Scores
CVSS 3.1
3.0999999046325684
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C
EPSS Score
6.28%
91.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft SharePoint Foundation 2013 Service Pack 1 | 15.0.0 |
| microsoft | office_online_server | 16.0.1 |
| Microsoft | Microsoft Office Online Server | 16.0.1 |
| Microsoft | Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | 15.0.0 |
| Microsoft | Microsoft Office Web Apps Server 2013 Service Pack 1 | 15.0.1 |
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | 16.0.0 |
| Microsoft | Microsoft SharePoint Server 2019 | 16.0.0 |
| microsoft | office_web_apps_server | 15.0.1 |
| microsoft | sharepoint_server | 2013, 2019, 2013 |
| Microsoft | Microsoft SharePoint Server Subscription Edition | 16.0.0 |
| microsoft | sharepoint_foundation | 2013, 2013, 2013 |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- Microsoft Excel Denial of Service Vulnerability (circl)
- Microsoft SharePoint Server Spoofing Vulnerability (circl)
- expl_outlook_cve_2023_23397.yar (github-yara)
- expl_outlook_cve_2023_23397.yar (github-yara)
- expl_outlook_cve_2023_23397.yar (github-yara)
- expl_outlook_cve_2023_23397.yar (github-yara)
- expl_outlook_cve_2023_23397.yar (github-yara)
- EXPL_SUSP_Outlook_CVE_2023_23397_Exfil_IP_Mar23_RID363D.yar (github-yara)
- EXPL_SUSP_Outlook_CVE_2023_23397_Exfil_IP_Mar23_RID363D.yar (github-yara)
…and 288 more exploits
Timeline
- Mar 14, 2023 CVE Published
- Mar 15, 2023 EPSS Score
- Mar 15, 2023 PoC Published
- Mar 15, 2023 PoC Published
- Mar 16, 2023 PoC Published
- Mar 23, 2023 PoC Published
- Mar 25, 2023 PoC Published
- Apr 23, 2023 EPSS Score
- Jul 9, 2023 EPSS Score
- Jul 14, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Aug 17, 2023 EPSS Score
References
- https://msrc.microsoft.com/update-guide/ advisory
- Microsoft SharePoint Server Spoofing Vulnerability vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-23395 advisory
- Microsoft Excel Denial of Service Vulnerability vendor-advisory