CVE-2020-0695

Medium

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft…

microsoft·CWE-346·Published 2020-02-11

CVSS

5.4

EPSS

0.01

KEV

Exploits

cve.orgen

185 chars

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.

NVDen

185 chars

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.

NVDes

245 chars

Se presenta una vulnerabilidad de suplantación de identidad cuando Office Online Server no comprueba correctamente el origen en las comunicaciones de origen cruzado, también se conoce como "Microsoft Office Online Server Spoofing Vulnerability".

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	5.4	2.8	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N