ID CVE-2014-2816 Type cve Reporter NVD Modified 2017-01-06T21:59:50
Description
Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in the context of the SharePoint extensibility model, aka "SharePoint Page Content Vulnerability."
{"result": {"symantec": [{"id": "SMNTC-69099", "type": "symantec", "title": "Microsoft SharePoint Server CVE-2014-2816 Remote Privilege Escalation Vulnerability", "description": "### Description\n\nMicrosoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the currently logged-in user. Successful exploits may aid in further attacks.\n\n### Technologies Affected\n\n * Microsoft SharePoint Foundation 2013 \n * Microsoft SharePoint Foundation 2013 SP1 \n * Microsoft SharePoint Server 2013 \n * Microsoft SharePoint Server 2013 SP1 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2014-08-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/69099", "cvelist": ["CVE-2014-2816"], "lastseen": "2018-03-12T02:29:27"}], "openvas": [{"id": "OPENVAS:1361412562310804741", "type": "openvas", "title": "Microsoft SharePoint Server and Foundation Privilege Escalation Vulnerability", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-050.", "published": "2014-08-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804741", "cvelist": ["CVE-2014-2816"], "lastseen": "2017-07-13T10:48:29"}], "nessus": [{"id": "SMB_NT_MS14-050.NASL", "type": "nessus", "title": "MS14-050: Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)", "description": "The version of Microsoft SharePoint Server installed on the remote host is affected by an elevation of privilege vulnerability that allows cross-site scripting. An authenticated attacker could exploit this vulnerability to execute arbitrary JavaScript in the context of the user's browser.", "published": "2014-08-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77168", "cvelist": ["CVE-2014-2816"], "lastseen": "2017-10-29T13:41:15"}], "kaspersky": [{"id": "KLA10604", "type": "kaspersky", "title": "\r KLA10604Multiple vulnerabilities in Microsoft SharePoint ", "description": "### *CVSS*:\n9.3\n\n### *Detect date*:\n11/11/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft SharePoint. Malicious users can exploit these vulnerabilities to gain privileges or execute arbitrary code.\n\n### *Affected products*:\nMicrosoft Windows SharePoint Services x86, x64 3.0 Service Pack 3 \nMicrosoft SharePoint Foundation 2010 Service Pack 1, 2 \nMicrosoft SharePoint Foundation 2013 \nMicrosoft SharePoint Foundation 2013 Service Pack 1 \nMicrosoft SharePoint Server 2013 \nMicrosoft SharePoint Server 2013 Service Pack 1 \nMicrosoft Project Server 2010 Service Pack 1, 2 \nMicrosoft Project Server 2013 \nMicrosoft Project Server 2013 Service Pack 1 \nMicrosoft Web Applications 2010 Service Pack 1, 2 \nMicrosoft Office Web Apps Server 2013 \nMicrosoft Office Web Apps Server 2013 Service Pack 1 \n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[MS14-073](<https://technet.microsoft.com/en-us/library/security/MS14-073>) \n[MS14-050](<https://technet.microsoft.com/en-us/library/security/MS14-050>) \n[MS14-022](<https://technet.microsoft.com/en-us/library/security/MS14-022>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Sharepoint Server](<https://threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/>)\n\n### *CVE-IDS*:\n[CVE-2014-2816](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2816>) \n[CVE-2014-0251](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0251>) \n[CVE-2014-1754](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1754>) \n[CVE-2014-1813](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1813>) \n[CVE-2014-4116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4116>) \n\n\n### *Microsoft official advisories*:\n[MS14-073](<https://technet.microsoft.com/en-us/library/security/MS14-073>)\n\n### *KB list*:\n[2837588](<http://support.microsoft.com/kb/2837588>) \n[2880453](<http://support.microsoft.com/kb/2880453>) \n[2880536](<http://support.microsoft.com/kb/2880536>) \n[2863829](<http://support.microsoft.com/kb/2863829>) \n[2863922](<http://support.microsoft.com/kb/2863922>) \n[2837598](<http://support.microsoft.com/kb/2837598>) \n[2880994](<http://support.microsoft.com/kb/2880994>) \n[2863863](<http://support.microsoft.com/kb/2863863>) \n[2760236](<http://support.microsoft.com/kb/2760236>) \n[2752096](<http://support.microsoft.com/kb/2752096>) \n[2596861](<http://support.microsoft.com/kb/2596861>) \n[2596763](<http://support.microsoft.com/kb/2596763>) \n[2977202](<http://support.microsoft.com/kb/2977202>) \n[2810069](<http://support.microsoft.com/kb/2810069>) \n[2596902](<http://support.microsoft.com/kb/2596902>) \n[2863836](<http://support.microsoft.com/kb/2863836>) \n[2863856](<http://support.microsoft.com/kb/2863856>) \n[2863854](<http://support.microsoft.com/kb/2863854>) \n[3000431](<http://support.microsoft.com/kb/3000431>) \n[2952166](<http://support.microsoft.com/kb/2952166>) \n[2596810](<http://support.microsoft.com/kb/2596810>) \n[2837616](<http://support.microsoft.com/kb/2837616>)", "published": "2014-11-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10604", "cvelist": ["CVE-2014-4116", "CVE-2014-2816", "CVE-2014-1813", "CVE-2014-0251", "CVE-2014-1754"], "lastseen": "2018-07-06T07:33:51"}]}}
