Fwd: [CIVN-2020-0435] Remote code Execution Vulnerability in Microsoft SharePoint

Severity Rating: HIGH

Software Affected

Microsoft SharePoint Foundation 2013 Service Pack 1

Microsoft SharePoint Foundation 2010 Service Pack 2

Microsoft SharePoint Server 2019

Microsoft SharePoint Enterprise Server 2016

Overview

Multiple vulnerabilities exist in Microsoft SharePoint which could allow a

remote attacker to execute arbitrary code on a targeted system.

Description

These vulnerabilities exist due to improper input validation in Microsoft

SharePoint. A remote attacker can send a specially crafted request and

execute arbitrary code on the targeted system.

Successful exploitation of these vulnerabilities may result in complete

compromise of vulnerable system.

Solution

Apply appropriate patches as mentioned by vendor

https://msrc.microsoft.com/update-guide/en-us/

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17118

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17121

References

Microsoft

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17118

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17121

CVE Name

CVE-2020-17118

CVE-2020-17121

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0435] Remote code Execution Vulnerability in Microsoft SharePoint

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive