← Back

CVE-2024-30042

nvd nist
Published: May 14, 2024Modified: Jan 8, 2025

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: secure@microsoft.com (Secondary)

Description

Microsoft Excel Remote Code Execution Vulnerability

Affected (7)

Microsoft
5 products
365 Apps
Excel
Office
Office Long Term Servicing Channel
Office Online Server
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
365 Apps
All versions
Excel
Version 2016
Office
Version 2019
Microsoft
Office Long Term Servicing Channel
Version 2021
Office Long Term Servicing Channel
Version 2021
Microsoft
Office Online Server
Before 16.0.10410.20003
Office Online Server
Version 2016

Related CWEs

CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (2)

Source: secure@microsoft.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.