CVE-2020-17121

Опубликовано: 08 дек. 2020

Источник: msrc

CVSS3: 8.8

EPSS Средний

Описание

Microsoft SharePoint Remote Code Execution Vulnerability

FAQ

What is the attack vector for this vulnerability?

In a network-based attack an attacker could gain access to create a site and could execute code remotely. The attacker would need to have privileges.

Обновления

Продукт	Статья	Обновление
Microsoft SharePoint Foundation 2010 Service Pack 2	4493149	Security Update
Microsoft SharePoint Foundation 2013 Service Pack 1	4493138	Security Update
Microsoft SharePoint Enterprise Server 2016	4486753	Security Update
Microsoft SharePoint Server 2019	4486751	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation More Likely

Older Software Release

Exploitation More Likely

EPSS

Процентиль: 94%

0.13467

Средний

8.8 High

CVSS3

Связанные уязвимости

CVE-2020-17121

CVSS3: 8.8

nvd

около 5 лет назад

Microsoft SharePoint Remote Code Execution Vulnerability

GHSA-v22m-mfm8-q276

CVSS3: 8.8

github

больше 3 лет назад

, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-17118.

BDU:2020-05899

CVSS3: 8.8

fstec

около 5 лет назад

Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, Microsoft SharePoint Foundation, связанная с ошибками в коде, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 94%

0.13467

Средний

8.8 High

CVSS3