CVE-2023-36769

MEDIUM4.6Auth bypass

JSON export Create alert

Description

Microsoft OneNote Spoofing Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Microsoft Office 201919.0.0 – https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft Office LTSC 202116.0.1 – https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft OneNote 201315.0.0 – 15.0.5579.1000
Microsoft / Microsoft OneNote 2013 Service Pack 115.0.0 – 15.0.5579.1000
Microsoft / Microsoft OneNote 201616.0.0 – 16.0.5408.1000

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36769