Vulnerability Details CVE-2018-8247
An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 5.8
References
- http://www.securityfocus.com/bid/104319
- http://www.securitytracker.com/id/1041104
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8247
- http://www.securityfocus.com/bid/104319
- http://www.securitytracker.com/id/1041104
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8247
Products affected by CVE-2018-8247
-
cpe:2.3:a:microsoft:office_online_server:2016
-
cpe:2.3:a:microsoft:office_web_apps:2013