CVE-2017-11877

CVE Database · CVE-2017-11877

CVE-2017-11877

· MEDIUMModified

CVSS v3.1

5.5

EPSS

4.55%

Published

Nov 15, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability".

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products (8)

microsoft · excelvulnerable

microsoft · excel_viewervulnerable

microsoft · office_compatibility_packvulnerable

References (6)

http://www.securityfocus.com/bid/101747

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039783

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11877

Issue TrackingPatchVendor Advisory

http://www.securityfocus.com/bid/101747

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039783

Third Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs