Outlook for Android Information Disclosure Vulnerability
CVE-2024-26204

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Outlook For Android
Vendor: CVE Published:; 12 March 2024

What is CVE-2024-26204?

An information disclosure vulnerability exists within Outlook for Android that may allow an attacker to access sensitive user data. This flaw could potentially enable unauthorized access to private information stored within the application, raising significant concerns for email and data security. Organizations using Outlook for Android are advised to monitor their systems and apply necessary mitigations to safeguard against unauthorized data exposure.

Affected Version(s)

Microsoft Outlook for Android Unknown 1.0 < 4.2404.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Feb 14, 2024