Lucene search

K
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_112739
HistoryApr 01, 2021 - 12:00 a.m.

Microsoft SharePoint Server 2016 < 16.0.5071.1000 Multiple Vulnerabilities

2021-04-0100:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24

According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities :

  • A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.

  • A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.

  • An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory.

  • An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages.

  • A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.

  • This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.

Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.

No source data
VendorProductVersion
amicrosoftsharepoint_server

References