← Back

CVE-2023-29335

nvd nist
Published: May 9, 2023Modified: May 19, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.6 / Impact: 5.9
Source: secure@microsoft.com (Secondary)

Description

Microsoft Word Security Feature Bypass Vulnerability

Affected (20)

Microsoft
16 products
Windows 10 1507
Windows 10 1607
Windows 10 1809
Windows 10 20h2
Windows 10 21h2
Windows 10 22h2
Windows 11 21h2
Windows 11 22h2
Windows Server 2008
Windows Server 2012
Windows Server 2016
Windows Server 2022
365 Apps
Office
Office Long Term Servicing Channel
Word
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Windows 10 1507
Before 10.0.10240.19926
Windows 10 1607
Before 10.0.14393.5921
Windows 10 1809
Before 10.0.17763.4377
Windows 10 20h2
Before 10.0.19042.2965
Windows 10 21h2
Before 10.0.19044.2965
Windows 10 22h2
Before 10.0.19045.2965
Windows 11 21h2
Before 10.0.22000.1936
Windows 11 22h2
Before 10.0.22000.1702
Microsoft
Windows Server 2008
All versions
Windows Server 2008
Version r2 sp1
Microsoft
Windows Server 2012
All versions
Windows Server 2012
Version r2
Windows Server 2016
All versions
Windows Server 2022
All versions
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
365 Apps
All versions
Office
Version 2019
Office Long Term Servicing Channel
Version 2021
Microsoft
Word
Version 2013
Word
Version 2013 sp1
Word
Version 2016

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.