Lucene search

CISACISA-KEV-CVE-2024-38189

HistoryAug 13, 2024 - 12:00 a.m.

Microsoft Project Remote Code Execution Vulnerability

2024-08-1300:00:00

CISA

www.cisa.gov

microsoft project

remote code execution

vulnerability

remote access

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.012

Percentile

85.8%

JSON

Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.012

Percentile

85.8%

JSON

Related for CISA-KEV-CVE-2024-38189