The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation software lies in the insecure management of privileges, which allows attackers to escalate their privileges.

🗓️ 30 Dec 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

Microsoft SharePoint products suffer remote privilege escalation from insecure privilege management.

Reporter	Title	Published	Views	Family All 27
Circl	CVE-2020-17089	10 Dec 202002:32	–	circl
CNNVD	Microsoft SharePoint 安全漏洞	8 Dec 202000:00	–	cnnvd
CNVD	Microsoft SharePoint Elevation of Privilege Vulnerability (CNVD-2020-73766)	14 Dec 202000:00	–	cnvd
CVE	CVE-2020-17089	9 Dec 202023:36	–	cve
Cvelist	CVE-2020-17089 Microsoft SharePoint Elevation of Privilege Vulnerability	9 Dec 202023:36	–	cvelist
EUVD	EUVD-2020-9044	7 Oct 202500:30	–	euvd
Microsoft KB	Description of the security update for SharePoint Server 2019: December 8, 2020	8 Dec 202008:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Enterprise Server 2016: December 8, 2020 (KB4486753)	8 Dec 202008:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Foundation 2013: December 8, 2020	8 Dec 202008:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Foundation 2010: December 8, 2020	8 Dec 202008:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17089
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-17089
web	www.web.nvd.nist.gov/view/vuln/detail

30 Dec 2020 00:00Current

CVSS 38

CVSS 29

EPSS0.06207

Microsoft SharePoint SharePoint Server SharePoint Enterprise Server SharePoint Foundation remote privilege escalation insecure privilege management