CVE-2022-41122

Опубликовано: 08 нояб. 2022

Источник: msrc

CVSS3: 6.5

EPSS Средний

Описание

Microsoft SharePoint Server Spoofing Vulnerability

FAQ

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability.

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.

Обновления

Продукт	Статья	Обновление
Microsoft SharePoint Foundation 2013 Service Pack 1	5002267	Security Update
Microsoft SharePoint Enterprise Server 2016	5002269	Security Update
Microsoft SharePoint Enterprise Server 2013 Service Pack 1	5002264 5002267	Cumulative Update Security Update
Microsoft SharePoint Server 2019	5002258	Security Update
Microsoft SharePoint Server Subscription Edition	5002271	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation More Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 94%

0.15389

Средний

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-41122

CVSS3: 6.5

nvd

около 3 лет назад

Microsoft SharePoint Server Spoofing Vulnerability

GHSA-hjh2-cjr9-5h3c

CVSS3: 6.5

github

около 3 лет назад

Microsoft SharePoint Server Spoofing Vulnerability.

BDU:2022-06777

CVSS3: 6.5

fstec

около 3 лет назад

Уязвимость пакетов программ Microsoft SharePoint Foundation, SharePoint Server и SharePoint Enterprise Server, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю осуществлять спуфинг-атаки

EPSS

Процентиль: 94%

0.15389

Средний

6.5 Medium

CVSS3