Fwd: [CIVN-2020-0435] Remote code Execution Vulnerability in Microsoft SharePoint

1 year ago 70

Severity Rating: HIGH

Software Affected

Microsoft SharePoint Foundation 2013 Service Pack 1

Microsoft SharePoint Foundation 2010 Service Pack 2

Microsoft SharePoint Server 2019

Microsoft SharePoint Enterprise Server 2016

Overview

Multiple vulnerabilities exist in Microsoft SharePoint which could allow a

remote attacker to execute arbitrary code on a targeted system.

Description

These vulnerabilities exist due to improper input validation in Microsoft

SharePoint. A remote attacker can send a specially crafted request and

execute arbitrary code on the targeted system.  

Successful exploitation of these vulnerabilities may result in complete

compromise of vulnerable system.

Solution

Apply appropriate patches as mentioned by vendor 

Vendor Information

Microsoft

References

Microsoft

CVE Name

CVE-2020-17118

CVE-2020-17121

About Cert Advisory

Related Posts

Read Entire Article