Home

CVE-2021-34478

Description

Microsoft Office Remote Code Execution Vulnerability

Risk Information

Base Score
7.7
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
9.479

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10377.20023)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 x64 1808 (Build:10377.20023)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10377.20023)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for 1808 of Volume License Version(10377.20023) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20864)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.20864) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20864) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2107 of version(14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2107 of version(14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2107 of version(14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2107 of version(14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2107 (Build 14228.20250) (Online Installer)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 x64 2107 (Build:14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 2107 Retail Version (14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 x86 Version 2107 (Build 14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 2107 Retail Version (14228.20250)Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for 2107 Retail Version (14228.20250) (Online Installer)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-31995Update for Office 2019 for x86 1808 of version(10377.20023)
PATCH-31996Office 2016 Deployment Tool for Office 2019 x64 1808 (Build:10377.20023)
PATCH-31997Update for Office 2019 for x64 1808 of version(10377.20023)
PATCH-32013Update for Office 2019 for 1808 of Volume License Version(10377.20023) (Online Installer)
PATCH-31999Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.20864)
PATCH-32001Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.20864)
PATCH-32003Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.20864)
PATCH-32005Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.20864)
PATCH-32007Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20864)
PATCH-32009Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20864)
PATCH-32011Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.20864) (Online Installer)
PATCH-32012Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20864) (Online Installer)
PATCH-31987Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2107 of version(14228.20250)
PATCH-31989Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2107 of version(14228.20250)
PATCH-31991Update for Microsoft 365 Apps for Business Current Channel for x64 2107 of version(14228.20250)
PATCH-31993Update for Microsoft 365 Apps for Business Current Channel for x86 2107 of version(14228.20250)
PATCH-32010Update for Microsoft 365 Apps for Enterprise Current Channel Version 2107 (Build 14228.20250) (Online Installer)
PATCH-32014Office 2016 Deployment Tool for Office 2019 x64 2107 (Build:14228.20250)
PATCH-32015Update for Office 2019 for x64 2107 Retail Version (14228.20250)
PATCH-32017Update for Office 2019 for x86 2107 Retail Version (14228.20250)
PATCH-32027Update for Office 2019 for 2107 Retail Version (14228.20250) (Online Installer)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234