Описание
Microsoft SharePoint Server Information Disclosure Vulnerability
FAQ
There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
The attacker must be authenticated to the target site as at least a Site Member and have edit permissions for the site.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft SharePoint Server 2019 | ||
| Microsoft SharePoint Server Subscription Edition |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft SharePoint Server Information Disclosure Vulnerability
Microsoft SharePoint Server Information Disclosure Vulnerability
Уязвимость пакетов программ Microsoft SharePoint Server, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6.5 Medium
CVSS3