CVE-2021-34451: Microsoft Office Online Server Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.3)

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Jul

Released

2021-07-13

EPSS Score

0.69% (percentile: 71.8%)

FAQ

Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector.

Affected Products (1)

Microsoft Office

• Microsoft Office Online Server

Security Updates (1)

• 5001973

Acknowledgments

Pio

Revision History

• 2021-07-13: Information published.