CVE-2017-8551

Опубликовано: 15 июн. 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

An elevation of privilege vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka "Microsoft SharePoint XSS vulnerability".

Ссылки

http://www.securityfocus.com/bid/98913
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038663
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8551
Patch
Vendor Advisory
http://www.securityfocus.com/bid/98913
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038663
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8551
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:x64:*

EPSS

Процентиль: 70%

0.00669

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-8551

msrc

около 8 лет назад

Microsoft SharePoint Elevation of Privilege Vulnerability

GHSA-8cr9-r7p7-cphf