Description
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Microsoft 365 Apps for Enterprise16.0.1 – https://aka.ms/OfficeSecurityReleases
- Microsoft / Microsoft Office 201919.0.0 – https://aka.ms/OfficeSecurityReleases
- Microsoft / Microsoft Office LTSC 202116.0.1 – https://aka.ms/OfficeSecurityReleases
- Microsoft / Microsoft Office LTSC 202416.0.0 – https://aka.ms/OfficeSecurityReleases
- Microsoft / Microsoft Word 201616.0.1 – 16.0.5552.1000