CVE-2017-11936

Опубликовано: 12 дек. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Средний

Описание

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

Ссылки

http://www.securityfocus.com/bid/102068
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039995
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11936
Issue Tracking
Patch
Vendor Advisory
http://www.securityfocus.com/bid/102068
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039995
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11936
Issue Tracking
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.11619

Средний

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-11936

msrc

больше 7 лет назад

Microsoft SharePoint Elevation of Privilege Vulnerability

GHSA-8j4q-gqp8-q3c6