CVE-2020-17119

Published: Dec 9, 2020

Modified: Aug 28, 2025

PUBLISHED

CVSS v3.1

6.5

MEDIUM

Microsoft Outlook Information Disclosure Vulnerability

Vendor	Product	Versions
Microsoft	Microsoft Office 2019	affected `19.0.0 - < https://aka.ms/OfficeSecurityReleases`
Microsoft	Microsoft Office 2019 for Mac	affected `16.0.0 - < publication`
Microsoft	Microsoft 365 Apps for Enterprise	affected `16.0.1 - < https://aka.ms/OfficeSecurityReleases`
Microsoft	Microsoft Outlook 2016	affected `16.0.0.0 - < publication`
Microsoft	Microsoft Outlook 2013 Service Pack 1	affected `15.0.0.0 - < publication`
Microsoft	Microsoft Outlook 2010 Service Pack 2	affected `13.0.0.0 - < publication`

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.