Technical Severity
MEDIUMCVSS v3.1 Metrics
6.5
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:CExploitation Likelihood
EPSS Prediction
18.96
%
Predictive Probability
Percentile Rank
97.0
th
Documented as more likely to be exploited than 97.0% of known CVEs.
Detection Date
Sep 12, 2023
Remediation Due
Oct 03, 2023
CISA Catalog Active
Threat Analysis
Microsoft Word contains an unspecified vulnerability that allows for information disclosure.
Remediation Directive
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.