CVE-2020-1322
Description
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
Related CPE's
References
PatchVendor Advisory
CvssV3 impact
BaseSeverity | MEDIUM |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
PrivilegesRequired | NONE |
BaseScore | 6.5 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Version | 3.1 |
UserInteraction | REQUIRED |
CvssV2 impact
AccessComplexity | MEDIUM |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | NONE |
IntegrityImpact | NONE |
BaseScore | 4.300000190734863 |
VectorString | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |