Office Web Apps Server
by Microsoft
Take action — actively targeted
Office Web Apps Server is actively targeted by attackers. A significant proportion of its known vulnerabilities are being exploited.
What to do
- Apply all available updates immediately
- Review your exposure — is this internet-facing?
- Monitor vendor advisories for this product
What Attackers Target
Vulnerabilities with high exploit probability
50.9%
Confirmed actively exploited (CISA)
3.6%
Public exploit code available
3.6%
Based on 55 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2014-1761 | 7.8 | 92.6% | Yes |
| CVE-2017-11826 | 7.8 | 90.8% | Yes |
| CVE-2016-3282 | 7.8 | 54.6% | — |
| CVE-2016-0134 | 7.8 | 48.5% | — |
| CVE-2021-31178 | 5.5 | 41.9% | — |
| CVE-2017-8742 | 7.8 | 36.5% | — |
| CVE-2018-0797 | 7.8 | 34.0% | — |
| CVE-2018-8577 | 7.8 | 32.8% | — |
| CVE-2016-3357 | 7.8 | 32.4% | — |
| CVE-2016-0053 | 7.8 | 31.2% | — |
| CVE-2016-0127 | 7.8 | 29.9% | — |
| CVE-2016-0052 | 7.8 | 29.9% | — |
| CVE-2016-0022 | 7.8 | 29.9% | — |
| CVE-2019-0585 | 8.8 | 28.2% | — |
| CVE-2016-0025 | 7.3 | 26.9% | — |
| CVE-2019-0561 | 5.5 | 23.1% | — |
| CVE-2016-3360 | 7.8 | 17.4% | — |
| CVE-2021-28456 | 5.5 | 17.0% | — |
| CVE-2022-41106 | 8.8 | 16.8% | — |
| CVE-2021-31175 | 7.8 | 15.5% | — |
53
/ 100
high-risk
Active Threat
50/50 · Critical
Exploit Availability
3/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.