nvd-json-data-feeds/CVE-2020/CVE-2020-09xx/CVE-2020-0961.json

{
  "id": "CVE-2020-0961",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2020-04-15T15:15:17.777",
  "lastModified": "2021-07-21T11:39:23.747",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'."
    },
    {
      "lang": "es",
      "value": "Hay una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota cuando el Microsoft Office Access Connectivity Engine maneja inapropiadamente objetos en memoria, tambi\u00e9n se conoce como \"Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\"."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office:2013:*:*:*:rt:*:*:*",
              "matchCriteriaId": "F1B08C24-2704-4F73-8281-99D4DA5B9FA6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "120690A6-E0A1-4E36-A35A-C87109ECC064"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0961",
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2020-0961",`
			`"sourceIdentifier": "secure@microsoft.com",`
			`"published": "2020-04-15T15:15:17.777",`
			`"lastModified": "2021-07-21T11:39:23.747",`
			`"vulnStatus": "Analyzed",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Hay una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota cuando el Microsoft Office Access Connectivity Engine maneja inapropiadamente objetos en memoria, tambi\u00e9n se conoce como \"Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\"."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "REQUIRED",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`}`
			`],`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "MEDIUM",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "COMPLETE",`
			`"integrityImpact": "COMPLETE",`
			`"availabilityImpact": "COMPLETE",`
			`"baseScore": 9.3`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 8.6,`
			`"impactScore": 10.0,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": true`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-noinfo"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office:2010:sp2::::::",`
			`"matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office:2013::::rt:::",`
			`"matchCriteriaId": "F1B08C24-2704-4F73-8281-99D4DA5B9FA6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office:2013:sp1::::::",`
			`"matchCriteriaId": "120690A6-E0A1-4E36-A35A-C87109ECC064"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office:2016:::::::*",`
			`"matchCriteriaId": "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office:2019:::::::*",`
			`"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:::::::*",`
			`"matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0961",`
			`"source": "secure@microsoft.com",`
			`"tags": [`
			`"Patch",`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`