DATABASE RESOURCES PRICING ABOUT US

{"id": "WEB_APPLICATION_SCANNING_112740", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Microsoft SharePoint Server 2013 < 15.0.5285.1000 Multiple Vulnerabilities", "description": "According to its self-reported version number, the Microsoft SharePoint application running on the remote host is affected by multiple vulnerabilities :\n\n - A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory.\n\n - A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.\n\n - An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory.\n\n - An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages.\n\n - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.\n\n - This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2021-04-01T00:00:00", "modified": "2023-03-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/was/112740", "reporter": "This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16945", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16942", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16941", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16948", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16948", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16952", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16929", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16950", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16942", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16944", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16946", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16950", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16953", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16951", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16941", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16946", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16944", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16929", "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16945", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16953", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16951"], "cvelist": [], "immutableFields": [], "lastseen": "2023-05-18T15:25:23", "viewCount": 18, "enchantments": {"dependencies": {"references": []}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "attackerkb", "idList": ["AKB:E6BD4207-BAC0-40E1-A4C8-92B6D3D58D4B"]}, {"type": "avleonov", "idList": ["AVLEONOV:28E47C69DA4A069031694EB4C2C931BA"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1043", "CPAI-2020-1367"]}, {"type": "cisa", "idList": ["CISA:48962A3B37B032DCF622B3E3135B8A1A"]}, {"type": "cve", "idList": ["CVE-2020-16929", "CVE-2020-16941", "CVE-2020-16942", "CVE-2020-16944", "CVE-2020-16945", "CVE-2020-16946", "CVE-2020-16948", "CVE-2020-16950", "CVE-2020-16951", "CVE-2020-16952", "CVE-2020-16953"]}, {"type": "kaspersky", "idList": ["KLA11976"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/MSFT-CVE-2020-16951/"]}, {"type": "mscve", "idList": ["MS:CVE-2020-16929", "MS:CVE-2020-16941", "MS:CVE-2020-16942", "MS:CVE-2020-16944", "MS:CVE-2020-16945", "MS:CVE-2020-16946", "MS:CVE-2020-16948", "MS:CVE-2020-16950", "MS:CVE-2020-16951", "MS:CVE-2020-16952", "MS:CVE-2020-16953"]}, {"type": "mskb", "idList": ["KB4486676"]}, {"type": "nessus", "idList": ["SMB_NT_MS20_OCT_EXCEL.NASL", "SMB_NT_MS20_OCT_OFFICE.NASL", "SMB_NT_MS20_OCT_OFFICE_SHAREPOINT_2010.NASL", "SMB_NT_MS20_OCT_OFFICE_SHAREPOINT_2013.NASL", "SMB_NT_MS20_OCT_OFFICE_SHAREPOINT_2016.NASL", "SMB_NT_MS20_OCT_OFFICE_SHAREPOINT_2019.NASL", "SMB_NT_MS20_OCT_OFFICE_WEB.NASL"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:159612"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:9E7466695714D29E4314F63F45A74EB3"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:801DC63ED24DFFC38FE4775AAD07ADDB"]}, {"type": "srcincite", "idList": ["SRC-2020-0022", "SRC-2020-0024"]}, {"type": "threatpost", "idList": ["THREATPOST:779B904F971138531725D1E57FDFF9DD"]}, {"type": "zdi", "idList": ["ZDI-20-1251"]}, {"type": "zdt", "idList": ["1337DAY-ID-35071"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2020-16929", "epss": 0.0164, "percentile": 0.85617, "modified": "2023-05-07"}, {"cve": "CVE-2020-16941", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16942", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16944", "epss": 0.00056, "percentile": 0.21258, "modified": "2023-05-07"}, {"cve": "CVE-2020-16945", "epss": 0.00103, "percentile": 0.40776, "modified": "2023-05-07"}, {"cve": "CVE-2020-16946", "epss": 0.00103, "percentile": 0.40776, "modified": "2023-05-07"}, {"cve": "CVE-2020-16948", "epss": 0.02683, "percentile": 0.88847, "modified": "2023-05-07"}, {"cve": "CVE-2020-16950", "epss": 0.00116, "percentile": 0.4404, "modified": "2023-05-07"}, {"cve": "CVE-2020-16951", "epss": 0.01131, "percentile": 0.82572, "modified": "2023-05-07"}, {"cve": "CVE-2020-16952", "epss": 0.19036, "percentile": 0.9549, "modified": "2023-05-07"}, {"cve": "CVE-2020-16953", "epss": 0.02683, "percentile": 0.88847, "modified": "2023-05-07"}], "vulnersScore": 0.3}, "_state": {"dependencies": 1684449048, "score": 1684450723, "epss": 0}, "_internal": {"score_hash": "20d3abba2a205e0d695f81bf00cfc349"}, "pluginID": "112740", "sourceData": "No source data", "naslFamily": "Component Vulnerability", "cpe": ["cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*"], "solution": "Upgrade to Microsoft SharePoint Server 2013 build 15.0.5285.1000 or later.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-16929", "vendor_cvss2": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "8.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-10-16T00:00:00", "vulnerabilityPublicationDate": "2020-10-16T00:00:00", "exploitableWith": []}

{}