Vulnerability Details CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability
Exploit prediction scoring system (EPSS) score
EPSS Score 0.935
EPSS Ranking 99.8%
CVSS Severity
CVSS v3 Score 9.8
Proposed Action
Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.
Ransomware Campaign
Unknown
References
Products affected by CVE-2023-23397
-
cpe:2.3:a:microsoft:365_apps:-
-
cpe:2.3:a:microsoft:office:2019
-
cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021
-
cpe:2.3:a:microsoft:outlook:2013
-
cpe:2.3:a:microsoft:outlook:2016