Описание
Microsoft SharePoint Server Information Disclosure Vulnerability
FAQ
There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
The attacker must be authenticated to the target site, with the permission to use Manage Lists within SharePoint.
What type of information could be disclosed by this vulnerability?
An attacker that successfully exploited this vulnerability could leak private property values.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | ||
| Microsoft SharePoint Server 2019 | ||
| Microsoft SharePoint Server Subscription Edition |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft SharePoint Server Information Disclosure Vulnerability
Microsoft SharePoint Server Information Disclosure Vulnerability
Уязвимость пакетов программ Microsoft SharePoint Server, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6.5 Medium
CVSS3