Описание
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
FAQ
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
An attacker who successfully exploited this vulnerability could gain access to files stored in a locked vault.
Does this vulnerability affect all OneDrive for iOS customers?
No. Only customers based in Australia are required to take action as the feature which was susceptible to this vulnerability was only deployed to that region.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
Microsoft OneDrive for iOS Security Feature Bypass Vulnerability
Уязвимость службы размещения файлов OneDrive for iOS, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
6.5 Medium
CVSS3