Home

CVE-2021-31939

Description

Microsoft Excel Remote Code Execution Vulnerability

Risk Information

Base Score
7.7
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
7.402

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5001947) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2016 (KB5001947) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5001951) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5001951) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5001955) 32-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5001955) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Office Web Apps Server 2013 (KB5001956)Windows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5001963) 64-Bit EditionWindows
Microsoft Excel Remote Code Execution Vulnerability for Microsoft Excel 2013 (KB5001963) 32-Bit EditionWindows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10375.20036)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 x64 1808 (Build:10375.20036)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10375.20036)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21668)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21668)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21668)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21668)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21668) (Online Installer)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20738)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20738)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20738) (Online Installer)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2105 of version(14026.20270)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2105 of version(14026.20270)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2105 of version(14026.20270)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2105 of version(14026.20270)Windows
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2105 (Build 14026.20270) (Online Installer)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-31603Security Update for Microsoft Excel 2016 (KB5001947) 64-Bit Edition
PATCH-31604Security Update for Microsoft Excel 2016 (KB5001947) 32-Bit Edition
PATCH-31601Security Update for Microsoft Office 2016 (KB5001951) 64-Bit Edition
PATCH-31602Security Update for Microsoft Office 2016 (KB5001951) 32-Bit Edition
PATCH-31597Security Update for Microsoft Office 2013 (KB5001955) 32-Bit Edition
PATCH-31598Security Update for Microsoft Office 2013 (KB5001955) 64-Bit Edition
PATCH-31596Security Update for Microsoft Office Web Apps Server 2013 (KB5001956)
PATCH-31599Security Update for Microsoft Excel 2013 (KB5001963) 64-Bit Edition
PATCH-31600Security Update for Microsoft Excel 2013 (KB5001963) 32-Bit Edition
PATCH-31621Update for Office 2019 for x86 1808 Volume License Version(10375.20036)
PATCH-31622Office 2016 Deployment Tool for Office 2019 x64 1808 (Build:10375.20036)
PATCH-31623Update for Office 2019 for x64 1808 Volume License Version(10375.20036)
PATCH-31625Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21668)
PATCH-31627Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21668)
PATCH-31629Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21668)
PATCH-31631Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21668)
PATCH-31636Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21668) (Online Installer)
PATCH-31633Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20738)
PATCH-31635Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20738)
PATCH-31637Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20738) (Online Installer)
PATCH-31613Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2105 of version(14026.20270)
PATCH-31615Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2105 of version(14026.20270)
PATCH-31617Update for Microsoft 365 Apps for Business Current Channel for x64 2105 of version(14026.20270)
PATCH-31619Update for Microsoft 365 Apps for Business Current Channel for x86 2105 of version(14026.20270)
PATCH-31638Update for Microsoft 365 Apps for Enterprise Current Channel Version 2105 (Build 14026.20270) (Online Installer)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234