CVE-2023-3676906.11.2023, 23:15Microsoft OneNote Spoofing VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST4.6 MEDIUMNETWORKLOWLOWCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:NmicrosoftCNA4.6 MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:CCVEADP------CISA-ADPADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 29%Common Weakness EnumerationCWE-290 - Authentication Bypass by SpoofingThis attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36769https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36769