The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, Microsoft Office Web Apps Server, and Microsoft Office Online Server lies in the insufficient protection of operational data, allowing attackers to gain unauthorized access to protected information.

🗓️ 04 Jul 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

SharePoint and related servers have weak data protection, enabling unauthorized access via a malicious file.

Reporter	Title	Published	Views	Family All 25
ATTACKERKB	CVE-2022-30171	15 Jun 202222:15	–	attackerkb
CNNVD	Microsoft Office 安全漏洞	14 Jun 202200:00	–	cnnvd
CVE	CVE-2022-30171	15 Jun 202221:52	–	cve
Cvelist	CVE-2022-30171 Microsoft Office Information Disclosure Vulnerability	15 Jun 202221:52	–	cvelist
EUVD	EUVD-2022-35379	3 Oct 202520:07	–	euvd
Microsoft KB	Description of the security update for SharePoint Enterprise Server 2013: June 14, 2022 (KB5002062)	14 Jun 202207:00	–	mskb
Microsoft KB	Description of the security update for Office Online Server: June 14, 2022 (KB5002210)	14 Jun 202207:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Server 2019: June 14, 2022 (KB5002212)	14 Jun 202207:00	–	mskb
Microsoft KB	Description of the security update for Office Web Apps Server 2013: June 14, 2022 (KB5002214)	14 Jun 202207:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Enterprise Server 2016: June 14, 2022 (KB5002222)	14 Jun 202207:00	–	mskb

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30171
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-30171
vuldb	www.vuldb.com/ru/
web	www.web.nvd.nist.gov/view/vuln/detail

04 Jul 2022 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 24.9

CVSS 35.5

EPSS0.04265

SharePoint vulnerability operational data protection unauthorized access malicious file