CVE-2023-2172114.02.2023, 20:15Microsoft OneNote Elevation of Privilege VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST6.5 MEDIUMNETWORKLOWLOWCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NmicrosoftCNA6.5 MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:CCVEADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 81%Common Weakness EnumerationCWE-287 - Improper AuthenticationWhen an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21721https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21721