Lucene search
MicrosoftMS:CVE-2020-1178HistoryJun 09, 2020 - 7:00 a.m.
Microsoft SharePoint Server Elevation of Privilege Vulnerability
2020-06-0907:00:00
Microsoft
msrc.microsoft.com
21
0.001 Low
EPSS
Percentile
46.4%
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.
To exploit this vulnerability, an authenticated attacker would need to create a page specifically designed to cause a server-side request. The attacker would then send a specially-crafted message to perform a server-side request forgery attack.
The update addresses the vulnerability by modifying how Microsoft SharePoint Server manages server authentication.
Related
cve
cve
CVE-2020-1178
2020-06-09 20:15:00
cvelist
cvelist
CVE-2020-1178
2020-06-09 19:43:18
prion
prion
Privilege escalation
2020-06-09 20:15:00
mskb
mskb
nessus
nessus
Security Updates for Microsoft SharePoint Server (June 2020)
2020-06-09 00:00:00
kaspersky
kaspersky
KLA11808 Multiple vulnerabilities in Microsoft Office
2020-06-09 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46