Fwd: [CIVN-2020-0217] Microsoft SharePoint Server Remote Code Execution Vulnerability

Severity rating: High

Software affected

· Microsoft SharePoint Enterprise Server 2016

· Microsoft SharePoint Foundation 2010 Service Pack 2

· Microsoft SharePoint Foundation 2013 Service Pack 1

· Microsoft SharePoint Server 2019

Overview

A vulnerability has been reported in Microsoft SharePoint Server which

could allow a remote attacker to execute arbitrary code on the targeted

system.

Description

1. Remote Code Execution Vulnerability (CVE-2020-1181)

This vulnerability exists in Microsoft SharePoint Server due to improper

identification and filtration of unsafe ASP.Net web controls. A remote

attacker could exploit this vulnerability by using a specially crafted page

on the affected server.

Successful exploitation of this vulnerability could allow the attacker to

cause remote code execution on the targeted system.

Solution

Apply appropriate patches as mentioned in Microsoft Security Guidance

https://portal.msrc.microsoft.com/en-us/security-guidance

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1181

References

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1181

CVE Name

CVE-2020-1181

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0217] Microsoft SharePoint Server Remote Code Execution Vulnerability

About Cert Advisory

Related Posts

Related Posts

Popular Posts

Facebook

Blog Archive