NVD - CVE-2020-16929

Vulnerability Change Records for CVE-2020-16929

Change History

Initial Analysis by NIST 10/20/2020 9:28:33 AM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added	CWE		NIST CWE-416
Added	CPE Configuration		OR cpe:2.3:a:microsoft:365_apps:-::::::: cpe:2.3:a:microsoft:excel:2010:sp2::::::* cpe:2.3:a:microsoft:excel:2013:sp1::::::* cpe:2.3:a:microsoft:excel:2013:sp1:::rt::: cpe:2.3:a:microsoft:excel:2016::::::: cpe:2.3:a:microsoft:excel_web_app:2010:sp2::::::* cpe:2.3:a:microsoft:office:2010:sp2::::::* cpe:2.3:a:microsoft:office:2013:sp1::::::* cpe:2.3:a:microsoft:office:2013:sp1:::rt::: cpe:2.3:a:microsoft:office:2016::::::: cpe:2.3:a:microsoft:office:2016:::::macos::* cpe:2.3:a:microsoft:office:2019:::::-::* cpe:2.3:a:microsoft:office:2019:::::macos::* cpe:2.3:a:microsoft:office_online_server:1.0::::::: cpe:2.3:a:microsoft:office_web_apps:2010:sp2::::::* cpe:2.3:a:microsoft:office_web_apps:2013:sp1::::::* cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1::::::* cpe:2.3:a:microsoft:sharepoint_server:2010:sp2::::::*
Changed	Reference Type	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16929 No Types Assigned	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16929 Patch, Vendor Advisory
Changed	Reference Type	https://www.zerodayinitiative.com/advisories/ZDI-20-1251/ No Types Assigned	https://www.zerodayinitiative.com/advisories/ZDI-20-1251/ Third Party Advisory
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism