Lucene search

K
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_112329
HistoryApr 29, 2020 - 12:00 a.m.

Microsoft SharePoint Server 2016 build < 16.0.4912.1000 Multiple Vulnerabilities

2020-04-2900:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities :

  • A remote code execution vulnerability exists in Microsoft SharePoint software when the software fails to properly handle objects in memory.

  • A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.

  • A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.

  • An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.

  • An elevation of privilege vulnerability exists in Microsoft SharePoint.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersion
amicrosoftsharepoint_server