{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-000024e14dff","releaseDate":"2021-04-13T07:00:00Z","cveNumber":"CVE-2021-28454","cveTitle":"Microsoft Excel Remote Code Execution Vulnerability","releaseNumber":"2021-Apr","vulnType":"Security Vulnerability","latestRevisionDate":"2021-04-15T07:00:00Z","cweList":[],"mitreText":"CVE-2021-28454","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-28454","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Microsoft Office Excel","issuingCna":"Microsoft","severityId":0,"impactId":0,"langCode":"en-US","baseScore":"7.8","temporalScore":"7.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C","isMariner":false,"articles":[{"articleType":"FAQ","description":"
Is the Preview Pane an attack vector for this vulnerability?
\nNo, the Preview Pane is not an attack vector.
\n","ordinal":10000},{"articleType":"FAQ","description":"According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
\nExploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel.
\nAn attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.
\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2021-28454","version":1.0,"revisionDate":"2021-04-13T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"Information published.
\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"484ccd79-9586-eb11-a838-000d3a6d3364"},{"cveNumber":"CVE-2021-28454","version":1.1,"revisionDate":"2021-04-15T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"Added acknowledgements. This is an informational change only.
\n","unformattedDescription":"Added acknowledgements. This is an informational change only.","notificationNeeded":false,"notificationSent":false,"sourceId":"e45a741b-139e-eb11-a83d-000d3a6d3364"}]}