THREATOPS
THREAT OPSCVEs › CVE-2023-23397

CVE-2023-23397 — Microsoft Office Outlook Privilege Escalation Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.

Vulnerability details