Lucene search
MicrosoftMS:CVE-2022-21840HistoryJan 11, 2022 - 8:00 a.m.
Microsoft Office Remote Code Execution Vulnerability
2022-01-1108:00:00
Microsoft
msrc.microsoft.com
19
microsoft
office
remote code execution
vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.082
Percentile
94.5%
Affected configurations
Node
microsoftsharepoint_foundationRange<15.0.5415.1000
ORmicrosoftsharepoint_foundationRange<15.0.5415.1000
ORmicrosoftoffice_web_apps_serverRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1001
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1001
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftofficeRange<15.0.5415.1001
ORmicrosoftofficeRange<15.0.5415.1000
ORmicrosoftexcelRange<15.0.5415.1000
ORmicrosoftexcelRange<15.0.5415.1000
ORmicrosoftexcelRange<15.0.5415.1000
ORmicrosoftofficeRange<16.0.5266.1000
ORmicrosoftofficeRange<16.0.5266.1001
ORmicrosoftofficeRange<16.0.5266.1000
ORmicrosoftofficeRange<16.0.5266.1000
ORmicrosoftofficeRange<16.0.5266.1001
ORmicrosoftofficeRange<16.0.5266.1000
ORmicrosoftexcelRange<16.0.5266.1000
ORmicrosoftexcelRange<16.0.5266.1000
ORmicrosoftsharepoint_serverRange<16.0.14326.20714
ORmicrosoftsharepoint_serverRange<16.0.14326.20714
ORmicrosoftoffice_long_term_servicing_channelRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoftoffice_long_term_servicing_channelRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoftoffice_long_term_servicing_channelRange<16.57.22011101
ORmicrosoft365_appsRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoft365_appsRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoftoffice_online_serverRange<16.0.10382.20004
ORmicrosoftofficeRange<16.57.22011101
ORmicrosoftofficeRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoftofficeRange<https://aka.ms/OfficeSecurityReleases
ORmicrosoftsharepoint_serverRange<16.0.10382.20004
ORmicrosoftsharepoint_serverRange<16.0.10382.20004
ORmicrosoftsharepoint_serverRange<15.0.5415.1000
ORmicrosoftsharepoint_serverRange<15.0.5415.1000
ORmicrosoftsharepoint_serverRange<16.0.5266.1000
ORmicrosoftsharepoint_serverRange<16.0.5266.1000
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | sharepoint_foundation | * | cpe:2.3:a:microsoft:sharepoint_foundation:*:*:*:*:*:*:*:* |
| microsoft | office_web_apps_server | * | cpe:2.3:a:microsoft:office_web_apps_server:*:*:*:*:*:*:*:* |
| microsoft | office | * | cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:* |
| microsoft | excel | * | cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:*:* |
| microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
| microsoft | office_long_term_servicing_channel | * | cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:* |
| microsoft | 365_apps | * | cpe:2.3:a:microsoft:365_apps:*:*:*:*:*:*:*:* |
| microsoft | office_online_server | * | cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:* |
Related
mskb
mskb
openvas
openvas
Microsoft Office 2016 Remote Code Execution Vulnerability (KB5002060)
2022-01-12 00:00:00
Microsoft Excel 2013 RCE Vulnerability (KB5002128)
2022-01-13 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB5002052)
2022-01-12 00:00:00
nvd
nvd
CVE-2022-21840
2022-01-11 21:15:09
nessus
nessus
Security Updates for Microsoft Office Web Apps (January 2022)
2022-01-13 00:00:00
Security Updates for Microsoft SharePoint Server 2019 (January 2022)
2022-01-12 00:00:00
Security Updates for Microsoft Office Products C2R (January 2022)
2022-06-10 00:00:00
cve
cve
CVE-2022-21840
2022-01-11 21:15:09
prion
prion
Remote code execution
2022-01-11 21:15:00
cvelist
cvelist
CVE-2022-21840 Microsoft Office Remote Code Execution Vulnerability
2022-01-11 20:22:19
kaspersky
kaspersky
KLA12414 Multiple vulnerabilities in Microsoft Office
2022-01-11 00:00:00
qualysblog
qualysblog
krebs
krebs
βWormableβ Flaw Leads January 2022 Patch Tuesday
2022-01-11 22:18:55
avleonov
avleonov
Microsoft Patch Tuesday January 2022
2022-01-16 20:17:20
hivepro
hivepro
Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws
2022-01-12 07:30:07
thn
thn
threatpost
threatpost
Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days
2022-01-11 21:54:57
rapid7blog
rapid7blog
Patch Tuesday - January 2022
2022-01-11 21:41:56
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.082
Percentile
94.5%
Related for MS:CVE-2022-21840