Описание
Microsoft SharePoint Information Disclosure Vulnerability
FAQ
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is file content.
There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | ||
| Microsoft SharePoint Server 2019 | ||
| Microsoft SharePoint Server Subscription Edition |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft SharePoint Information Disclosure Vulnerability
Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition и Microsoft SharePoint Enterprise Server, связанная с ошибками в обработке относительного пути к каталогу, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
6.5 Medium
CVSS3