VDB
CVE-2023-35311
CVE-2023-35311
PUBLISHED
KEV
In Microsoft 365 Apps, Microsoft Excel, Microsoft Office, Microsoft Office Online Server, Microsoft Outlook, Microsoft SharePoint und Microsoft Word existieren mehrere Schwachstellen. Diese werden von Microsoft nicht im Detail beschrieben. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen oder Dateien zu manipulieren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
EPSS 0.47% · 65.2th percentile
Risk Scores
EPSS Score
0.47%
65.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Office Online Server | |
| Xerox | Xerox FreeFlow Print Server v2 | |
| Microsoft | Microsoft Office 2019 for Mac | |
| Microsoft | Microsoft Office 2016 | |
| Fedora | Fedora Linux | |
| Microsoft | Microsoft Word 2013 RT SP1 | |
| Xerox | Xerox FreeFlow Print Server v9 | |
| Xerox | Xerox FreeFlow Print Server v7 for Solaris | |
| Microsoft | Microsoft Excel 2016 | |
| Microsoft | Microsoft Office 2013 Click-to-Run (C2R) | |
| Amazon | Amazon Linux 2 | |
| Microsoft | Microsoft Word 2016 | |
| Microsoft | Microsoft Office for Universal | |
| Microsoft | Microsoft Outlook 2016 | |
| Microsoft | Microsoft Office 2013 SP1 | |
| Gentoo | Gentoo Linux | |
| Microsoft | Microsoft Word 2013 SP1 | |
| Microsoft | Microsoft Office LTSC 2021 | |
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | |
| Microsoft | Microsoft Office LTSC for Mac 2021 |
…and 9 more
Timeline
- Jul 11, 2023 CISA KEV Added
- Jul 11, 2023 CVE Published
- Jul 12, 2023 EPSS Score
- Jul 21, 2023 CVE Updated
- Sep 19, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Jan 1, 2024 EPSS Score
- Feb 5, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- Jun 22, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Aug 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1720.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1720 advisory
- https://msrc.microsoft.com/update-guide/de-DE/vulnerability/ADV230003 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2031.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2031 advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-011_FFPSv7-S11_MediaInstall_Aug2023.pdf advisory
- https://security.business.xerox.com/wp-content/uploads/2023/08/cert_XRX23-012_FFPSv2_Win10_SecurityBulletin_Aug2023.pdf advisory
- https://securitydocs.business.xerox.com/wp-content/uploads/2023/08/Xerox-Security-Bulletin-XRX23-013-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf advisory
- https://alas.aws.amazon.com/AL2/ALAS-2023-2331.html advisory
- https://security.gentoo.org/glsa/202408-17 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-d2d3a5fa79 advisory