๐Ÿ” CVE Alert

CVE-2023-35311

HIGH 8.8 โš ๏ธ CISA KEV

Microsoft Outlook Security Feature Bypass Vulnerability

CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th

Microsoft Outlook Security Feature Bypass Vulnerability

Vendor microsoft
Product microsoft 365 apps for enterprise
Ecosystems
Industries
TechnologyEnterprise
Published Jul 11, 2023
Last Updated Oct 21, 2025
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for microsoft microsoft 365 apps for enterprise

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2023-35311.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Microsoft / Microsoft 365 Apps for Enterprise
16.0.1 < https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft Office LTSC 2021
16.0.1 < https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft Office 2019
19.0.0 < https://aka.ms/OfficeSecurityReleases
Microsoft / Microsoft Outlook 2016
16.0.0.0 < 16.0.5404.1000
Microsoft / Microsoft Outlook 2013
14.0.0 < 15.0.5571.1000
Microsoft / Microsoft Outlook 2013 Service Pack 1
15.0.0.0 < 15.0.5571.1000

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
msrc.microsoft.com: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-35311