CVE-2023-23397
9.8CRITICALMicrosoft Outlook Elevation of Privilege Vulnerability
Veröffentlicht: 3/14/2023Aktualisiert: 10/27/2025
CISA Bekannte Ausgenutzte Schwachstelle
Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.
Erforderliche Maßnahme:
Apply updates per vendor instructions.
Fälligkeitsdatum:
2023-04-04
Beschreibung
Microsoft Outlook Elevation of Privilege Vulnerability
KI-AnalyseKI-gestützt
Betroffene Produkte
microsoft365_apps
-
microsoftoffice
2019
microsoftoffice_long_term_servicing_channel
2021
microsoftoutlook
2013
microsoftoutlook
2013
microsoftoutlook
2016
Referenzen
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-23397US Government Resource