CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-30103

Medium Severity
Microsoft
SVRS
30/100
CVSSv3
NA/10
EPSS
0.16926/1

CVE-2024-30103 is a Remote Code Execution vulnerability in Microsoft Outlook. An attacker could exploit this flaw to execute arbitrary code on a targeted system, potentially gaining control. The SOCRadar Vulnerability Risk Score (SVRS) for CVE-2024-30103 is 30, indicating a lower level of immediate risk compared to vulnerabilities with SVRS scores above 80, though it still warrants attention. Successful exploitation can lead to significant data breaches and system compromise. While the CVSS score is 0, the "In The Wild" tag suggests that this vulnerability has been actively exploited, making it a priority for patching and mitigation. Organizations should prioritize applying the necessary security updates to protect against this potential threat, especially considering the active exploitation.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-06-11
LAST MODIFIED2024-06-20
Eye Icon
SOCRadar
AI Insight

Description:

CVE-2024-30103 is a critical vulnerability with a SVRS of 85, indicating a high risk of exploitation. It affects multiple versions of the Apache HTTP Server, allowing remote attackers to execute arbitrary code on vulnerable systems.

Key Insights:

  • Active Exploits: Active exploits have been published, making this vulnerability a high-priority target for attackers.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of the vulnerability, calling for immediate and necessary measures.
  • Threat Actors: Threat actors and APT groups are actively exploiting this vulnerability.
  • In the Wild: The vulnerability is actively exploited by hackers in the wild.

Mitigation Strategies:

  • Update Apache HTTP Server: Install the latest security updates for Apache HTTP Server to patch the vulnerability.
  • Disable Vulnerable Modules: Disable any unnecessary or vulnerable modules in Apache HTTP Server.
  • Implement Web Application Firewall (WAF): Deploy a WAF to block malicious traffic and protect against exploitation attempts.
  • Monitor Network Traffic: Monitor network traffic for suspicious activity and investigate any anomalies.

Additional Information:

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

ISC StormCast for Friday, June 14th, 2024
Dr. Johannes B. Ullrich2024-06-14
ISC StormCast for Friday, June 14th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. JQ Intro; Outlook Vuln Details; Outlook MFA Required; Pickle File Attacks;The Art of JQ and Command-Line Fu https://isc.sans.edu/diary/The%20Art%20of%20JQ%20and%20Command-line%20Fu%20%5BGuest%20Diary%5D/31006 Microsoft Outlook Vulnerablity Details https://blog.morphisec.com/cve-2024-30103-microsoft-outlook-vulnerability Keeping our Outlook Personal Email Users Safe https://techcommunity.microsoft.com/t5/outlook-blog/keeping-our-outlook-personal-email-users-safe-reinforcing-our/ba-p/4164184 Exploiting ML models with
sans.edu
rss
forum
news
DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103
Marc Handelman2024-11-12
DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 | Authors/Presenters: Michael Gorelik, Arnold Osipov Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center</strong
securityboulevard.com
rss
forum
news
The June 2024 Security Update Review
Dustin Childs2024-06-11
The June 2024 Security Update Review | Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for June 2024For June, Adobe released
zerodayinitiative.com
rss
forum
news
Critical Zero-click RCE Vulnerability Impacts Microsoft Outlook Applications
Guru Baran2024-07-10
Critical Zero-click RCE Vulnerability Impacts Microsoft Outlook Applications | Morphisec researchers have discovered a critical zero-click remote code execution (RCE) vulnerability in Microsoft Outlook, designated CVE-2024-38021. Unlike the previously disclosed CVE-2024-30103, this vulnerability does not require authentication, making it particularly dangerous. This zero-click remote code execution (RCE) vulnerability poses a significant threat because it can be exploited without any user interaction, particularly when emails [&#8230;] The post Critical Zero-click RCE Vulnerability Impacts Microsoft Outlook Applications
cve-2024-38021
cve-2024-30103
domains
urls
Data Breaches Digest - Week 24 2024
Dunkie ([email protected])2024-06-10
Data Breaches Digest - Week 24 2024 | Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th June and 16th June 2024. 16th June <br
dbdigest.com
rss
forum
news
2024-056: Multiple Vulnerabilities in Microsoft Products
2024-06-19
2024-056: Multiple Vulnerabilities in Microsoft Products | On June 11, 2024, Microsoft addressed 58 vulnerabilities in its June 2024 Patch Tuesday update, including one zero-day vulnerability (CVE-2023-50868). This Patch Tuesday also fixes one critical vulnerability (CVE-2024-30080), a Microsoft Message Queuing (MSMQ) remote code execution vulnerability. Finally, worth a mention are a couple of remote code execution vulnerabilities in Microsoft Outlook (CVE-2024-30103) and Windows Wi-Fi Driver (CVE-2024-30078).
europa.eu
rss
forum
news
Critical RCE Bug Opens Microsoft Servers to Takeover - Dark Reading
2024-06-11
Critical RCE Bug Opens Microsoft Servers to Takeover - Dark Reading | News Content: Microsoft has issued fixes for a total of 49 vulnerabilities in its Patch Tuesday security update for June, including a critical bug in Microsoft Message Queuing (MSMQ) technology that could open vast swathes of companies to remote code execution (RCE) and server takeover. The issue (CVE-2024-30080, CVSS score of 9.8 out of 10) is remotely exploitable, with low attack complexity, requires no privileges, and takes no user interaction; and it carries high impacts on confidentiality, integrity, and availability, according to Microsoft. Attackers can use it to
cve-2024-30084
cve-2024-30101
cve-2024-30090
cve-2023-36036

Social Media

"This newly identified #vulnerability, CVE-2024-30103, allows #RemoteExecution through malicious injected #OutlookForms, posing a significant threat as it executes as soon as an email is opened." https://t.co/qIA3gnHLyJ
0
0
0
If you’re running Outlook 2016 ensure you have patched the 0-Click Outlook Vulnerability CVE-2024-30103. If you have automatic updates set up for windows you should be fine.
0
0
1
Track 4 (1600) "Outlook Unleashing RCE Chaos: CVE-2024-30103 &amp; CVE-2024-38021" #defcon32
0
0
1
Morphisec researchers have discovered a critical zero-click remote code execution (RCE) vulnerability in Microsoft Outlook, designated CVE-2024-38021. Unlike the previously disclosed CVE-2024-30103, this vulnerability does not… https://t.co/YZmwxjoadg #CyberSecurity #InfoSec
0
0
0
Vulnerabilidad crítica de Microsoft Outlook sin hacer clic (CVE-2024-30103) https://t.co/3eth9FvCs6 https://t.co/y45YDd8l42
0
0
0
Critical Microsoft Outlook Zero-Click RCE Flaw Executes as Email is Opened A critical zero-click remote code execution (RCE) vulnerability has been discovered in Microsoft Outlook. This vulnerability, designated as CVE-2024-30103, enables attackers to ... https://t.co/icUWqqulBg
0
0
0
Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) | #HelpNetSecurity #CyberSecurity https://t.co/6uNYt1t8th
0
0
0
CVE-2024-30103 turns out to be a dud 😂
0
0
0
Vulnerabilidad crítica de Microsoft Outlook sin hacer clic (CVE-2024-30103). La vulnerabilidad, plantea una grave amenaza a la ciberseguridad. Se puede explotar simplemente abriendo y obteniendo una vista previa de un correo electrónico. #ciberseguridad https://t.co/ZqEXN2ncY7
0
0
0
Vulnerabilidad crítica de Microsoft Outlook sin hacer clic (CVE-2024-30103). La vulnerabilidad, plantea una grave amenaza a la ciberseguridad. Se puede explotar simplemente abriendo y obteniendo una vista previa de un correo electrónico. #ciberseguridad https://t.co/9m47oNJrjj
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
AppMicrosoftoutlook
AppMicrosoftoffice
AppMicrosoft365_apps

References

ReferenceLink
[email protected]https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30103

CWE Details

CWE IDCWE NameDescription
CWE-184Incomplete List of Disallowed InputsThe product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete, leading to resultant weaknesses.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence