{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T01:41:06.350","vulnerabilities":[{"cve":{"id":"CVE-2018-8247","sourceIdentifier":"secure@microsoft.com","published":"2018-06-14T12:29:02.477","lastModified":"2024-11-21T04:13:29.797","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka \"Microsoft Office Elevation of Privilege Vulnerability.\" This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245."},{"lang":"es","value":"Existe una vulnerabilidad de elevaciĆ³n de privilegios cuando Office Web Apps Server 2013 y Office Online Server fracasan a la hora de gestionar correctamente peticiones web. Esto tambiĆ©n se conoce como \"Microsoft Office Elevation of Privilege Vulnerability\". Esto afecta a Microsoft Office y Microsoft Office Online Server. El ID de este CVE es diferente de CVE-2018-8245."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:2016:*:*:*:*:*:*:*","matchCriteriaId":"C6C0BD17-4324-4DFF-9804-1825C4C182A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*","matchCriteriaId":"B3C3FC9A-D8E5-493A-A575-C831A9A28815"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104319","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041104","source":"secure@microsoft.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8247","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104319","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041104","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8247","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}