Home

CVE-2021-40454

Description

Rich Text Edit Control Information Disclosure Vulnerability

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
EPSS Score
Exploitation Probability
0.113

Associated Vulnerability

VulnerabilityOS Platform
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2016 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server, version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 21H1 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 21H1 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 11 for x64-based Systems (KB5006674) (CVE-2021-40449)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Microsoft server operating system version 21H2 for x64-based Systems (KB5006699) (CVE-2021-40449) (CVE-2021-40469)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB5006732) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Storage Spaces Controller Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB5006739) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft Office 2013 (KB4018332) 64-Bit EditionWindows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft Office 2013 (KB4018332) 32-Bit EditionWindows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft Office 2016 (KB4461476) 64-Bit EditionWindows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft Office 2016 (KB4461476) 32-Bit EditionWindows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for x86 1808 of version(10379.20043)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for x64 1808 of version(10379.20043)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for 1808 of Volume License Version (10379.20043) (Online Installer)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21004)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21004)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21004)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21004)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21004) (Online Installer)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20508)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20508)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20508) (Online Installer)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2109 of version(14430.20298)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2109 of version(14430.20298)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2109 of version(14430.20298)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2109 of version(14430.20298)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2109 (Build 14430.20298) (Online Installer)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for 2109 Retail Version (14430.20298) (Online Installer)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for x64 2109 Retail Version (14430.20298)Windows
Rich Text Edit Control Information Disclosure Vulnerability for Office 2019 for x86 2109 Retail Version (14430.20298)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-321812021-10 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321822021-10 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5006667) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321772021-10 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321782021-10 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321792021-10 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5006669) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321652021-10 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321672021-10 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321682021-10 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321692021-10 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321702021-10 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321712021-10 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321722021-10 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5006670) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321832021-10 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321842021-10 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321852021-10 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5006672) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321762021-10 Cumulative Update for Windows 11 for x64-based Systems (KB5006674) (CVE-2021-40449)
PATCH-321742021-10 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321752021-10 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5006675) (CVE-2021-40449) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321802021-10 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5006699) (CVE-2021-40449) (CVE-2021-40469)
PATCH-321952021-10 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321962021-10 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321972021-10 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB5006714) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321612021-10 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321622021-10 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321632021-10 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB5006729) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321642021-10 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5006732) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-321982021-10 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5006739) (CVE-2021-40449) (CVE-2021-40469) (CVE-2021-41335) (CVE-2021-41338)
PATCH-32267Security Update for Microsoft Office 2013 (KB4018332) 64-Bit Edition
PATCH-32268Security Update for Microsoft Office 2013 (KB4018332) 32-Bit Edition
PATCH-32269Security Update for Microsoft Office 2016 (KB4461476) 64-Bit Edition
PATCH-32270Security Update for Microsoft Office 2016 (KB4461476) 32-Bit Edition
PATCH-32285Update for Office 2019 for x86 1808 of version(10379.20043)
PATCH-32287Update for Office 2019 for x64 1808 of version(10379.20043)
PATCH-32300Update for Office 2019 for 1808 of Volume License Version (10379.20043) (Online Installer)
PATCH-32289Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2102 of version(13801.21004)
PATCH-32291Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2102 of version(13801.21004)
PATCH-32293Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2102 of version(13801.21004)
PATCH-32295Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2102 of version(13801.21004)
PATCH-32302Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2102 (Build 13801.21004) (Online Installer)
PATCH-32297Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2108 of version(14326.20508)
PATCH-32299Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2108 of version(14326.20508)
PATCH-32301Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2108 (Build 14326.20508) (Online Installer)
PATCH-32277Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2109 of version(14430.20298)
PATCH-32279Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2109 of version(14430.20298)
PATCH-32281Update for Microsoft 365 Apps for Business Current Channel for x64 2109 of version(14430.20298)
PATCH-32283Update for Microsoft 365 Apps for Business Current Channel for x86 2109 of version(14430.20298)
PATCH-32303Update for Microsoft 365 Apps for Enterprise Current Channel Version 2109 (Build 14430.20298) (Online Installer)
PATCH-32309Update for Office 2019 for 2109 Retail Version (14430.20298) (Online Installer)
PATCH-32311Update for Office 2019 for x64 2109 Retail Version (14430.20298)
PATCH-32313Update for Office 2019 for x86 2109 Retail Version (14430.20298)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234