Microsoft Cost Management
Monthly
Information disclosure in Microsoft Cost Management Interactive Experiences allows unauthenticated remote attackers to retrieve sensitive data over a network. The flaw carries a CVSS 3.1 base score of 7.5 with high confidentiality impact and no integrity or availability effects, and Microsoft has published an advisory with a fix. At time of analysis there is no public exploit identified and the vulnerability is not listed in CISA KEV.
Information disclosure in Microsoft Cost Management Interactive Experiences allows unauthenticated remote attackers to retrieve sensitive data over a network. The flaw carries a CVSS 3.1 base score of 7.5 with high confidentiality impact and no integrity or availability effects, and Microsoft has published an advisory with a fix. At time of analysis there is no public exploit identified and the vulnerability is not listed in CISA KEV.