Vulnerability Details : CVE-2018-8579
An information disclosure vulnerability exists when attaching files to Outlook messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8558.
Vulnerability category: Information leak
Products affected by CVE-2018-8579
- cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8579
0.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8579
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.8
|
3.6
|
NIST |
References for CVE-2018-8579
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8579
CVE-2018-8579 | Microsoft Outlook Information Disclosure VulnerabilityPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/105828
Microsoft Outlook CVE-2018-8579 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1042132
Microsoft Outlook Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Jump to