Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-0915

Опубликовано: 14 мар. 2018
Источник: nvd
CVSS3: 8.8
CVSS2: 6.5
EPSS Низкий

Описание

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0914, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:project_server:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.0557
Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

msrc
больше 7 лет назад

Microsoft SharePoint Elevation of Privilege Vulnerability

CVSS3: 8.8
github
около 3 лет назад

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0914, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.

EPSS

Процентиль: 90%
0.0557
Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-79