cbcvebase.
CVE-2023-36761
published 2023-09-12

CVE-2023-36761: Microsoft Word Information Disclosure Vulnerability

medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
KEVITW
CISA Known Exploited Vulnerabilitydue 2023-10-03
Exploited in the wild
Microsoft Word Information Disclosure Vulnerability

Affected

18 ranges
VendorProductVersion rangeFixed in
microsoftmicrosoft_365_apps_for_enterprise>= 16.0.1 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_office_2019>= 19.0.0 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_office_ltsc_2021>= 16.0.1 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_word_2013_service_pack_1>= 15.0.1 < 15.0.5589.100115.0.5589.1001
microsoftmicrosoft_word_2016>= 16.0.1 < 16.0.5413.100016.0.5413.1000
microsoftoffice
microsoftoffice_long_term_servicing_channel
microsoftword
microsoftword
msrcmicrosoft_365_apps_for_enterprise_for_32-bit_systems
msrcmicrosoft_365_apps_for_enterprise_for_64-bit_systems
msrcmicrosoft_office_2019_for_32-bit_editions
msrcmicrosoft_office_2019_for_64-bit_editions
msrcmicrosoft_office_ltsc_2021_for_32-bit_editions
msrcmicrosoft_office_ltsc_2021_for_64-bit_editions
msrcmicrosoft_word_2013_rt_service_pack_1
msrcmicrosoft_word_2013_service_pack_1
msrcmicrosoft_word_2016

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
vulncheck6.5MEDIUM
cisa6.5MEDIUM