Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5002596
HistoryMay 14, 2024 - 7:00 a.m.

Description of the security update for SharePoint Server 2019: May 14, 2024 (KB5002596)

2024-05-1407:00:00
Microsoft
support.microsoft.com
37
sharepoint server 2019
security update
vulnerabilities
nonsecurity fixes
microsoft update
microsoft update catalog
microsoft download center

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.3%

JSON

Description of the security update for SharePoint Server 2019: May 14, 2024 (KB5002596)

Summary

This security update resolves a Microsoft SharePoint Server information disclosure vulnerability and Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:​​​​

Notes:

  • This is build 16.0.10410.20003 of the security update package.
  • To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on the computer.

Improvements and fixes

This security update contains a fix for the following nonsecurity issue in SharePoint Server 2019:

  • Fixes an issue in which you cannot open an event item that has an attachment in the Events web part on a modern page.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see Deployments - Security Update Guide.

Security update replacement information

This security update replaces previously released security update 5002580.

File hash information

File name SHA256 hash
sts2019-kb5002596-fullfile-x64-glb.exe 5C367DFF2803C939B7FE826A4DF5641C5F4017687C874CB0089F9FF06AD102A1

File information

Download the list of files that are included in security update 5002596.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

nessus 3
mskb 2
nvd 2
mscve 2
vulnrichment 2
githubexploit 1
zdi 1
cvelist 2
cve 2
talosblog 2
krebs 1
qualysblog 1
rapid7blog 1
nessus
nessus
Security Updates for Microsoft SharePoint Server 2016 (May 2024)
2024-05-14 00:00:00
Security Updates for Microsoft SharePoint Server Subscription Edition (May 2024)
2024-05-14 00:00:00
Security Updates for Microsoft SharePoint Server 2019 (May 2024)
2024-05-14 00:00:00
mskb
mskb
Description of the security update for SharePoint Server Subscription Edition: May 14, 2024 (KB5002599)
2024-05-14 07:00:00
Description of the security update for SharePoint Enterprise Server 2016: May 14, 2024 (KB5002598)
2024-05-14 07:00:00
nvd
nvd
CVE-2024-30043
2024-05-14 17:17:15
CVE-2024-30044
2024-05-14 17:17:16
mscve
mscve
Microsoft SharePoint Server Information Disclosure Vulnerability
2024-05-14 07:00:00
Microsoft SharePoint Server Remote Code Execution Vulnerability
2024-05-14 07:00:00
vulnrichment
vulnrichment
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability
2024-05-14 16:57:29
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability
2024-05-14 16:57:15
githubexploit
githubexploit
Exploit for CVE-2024-30043
2024-06-06 18:31:57
zdi
zdi
Microsoft SharePoint BaseXmlDataSource XML External Entity Processing Information Disclosure Vulnerability
2024-05-14 00:00:00
cvelist
cvelist
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability
2024-05-14 16:57:15
CVE-2024-30043 Microsoft SharePoint Server Information Disclosure Vulnerability
2024-05-14 16:57:29
cve
cve
CVE-2024-30044
2024-05-14 17:17:16
CVE-2024-30043
2024-05-14 17:17:15
talosblog
talosblog
Rounding up some of the major headlines from RSA
2024-05-16 18:00:05
Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core
2024-05-14 17:57:08
krebs
krebs
Patch Tuesday, May 2024 Edition
2024-05-14 20:19:23
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2024 Security Update Review
2024-05-14 18:40:02
rapid7blog
rapid7blog
Patch Tuesday - May 2024
2024-05-14 20:25:36

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.3%

JSON
Related for KB5002596
nessus3mskb2nvd2mscve2vulnrichment2githubexploit1zdi1cvelist2cve2talosblog2krebs1qualysblog1rapid7blog1