← Back

CVE-2018-0790

nvd nist
Published: Jan 10, 2018Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789.

Affected (3)

Microsoft
2 products
Sharepoint Enterprise Server
Sharepoint Foundation
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Sharepoint Enterprise Server
Version 2013 sp1
Sharepoint Enterprise Server
Version 2016
Sharepoint Foundation
Version 2010 sp2

References (6)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.