Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-111228
HistoryDec 17, 2019 - 12:00 a.m.

Microsoft SharePoint Server CVE-2019-1491 Information Disclosure Vulnerability

2019-12-1700:00:00
Symantec Security Response
www.symantec.com
34
JSON

Description

Microsoft SharePoint Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.

Technologies Affected

  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Foundation 2010 SP2
  • Microsoft SharePoint Foundation 2013 SP1
  • Microsoft SharePoint Server 2019

Recommendations

Run all software as a nonprivileged user with minimal access rights.
When possible, run all software as a user with minimal privileges and limited access to system resources. Use additional precautions such as restrictive environments to insulate software that may potentially handle malicious content.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.

Related

mscve 1
cve 1
threatpost 4
talosblog 1
kaspersky 1
cisa 1
mskb 4
nessus 1
mscve
mscve
Microsoft SharePoint Server Information Disclosure Vulnerability
2019-12-17 08:00:00
cve
cve
CVE-2019-1491
2022-11-25 16:22:34
threatpost
threatpost
Microsoft Launches Azure DevOps Bug Bounty Program
2019-01-17 22:36:42
Popular Web-Hosting Platform Bluehost Riddled with Flaws
2019-01-14 22:22:05
Microsoft Issues Out-of-Band Update for SharePoint Bug
2019-12-18 19:14:55
talosblog
talosblog
Threat Source newsletter (Dec. 19, 2019)
2019-12-19 11:00:05
kaspersky
kaspersky
KLA11632 An information disclosure vulnerability in Microsoft Office
2019-12-17 00:00:00
cisa
cisa
Microsoft Releases Information on CVE-2019-1491
2019-12-18 00:00:00
mskb
mskb
Description of the security update for SharePoint Foundation 2010: November 12, 2019
2019-12-17 08:00:00
Description of the security update for SharePoint Enterprise Server 2016: November 12, 2019
2019-12-17 08:00:00
Description of the security update for SharePoint Foundation 2013: November 12, 2019
2019-12-17 08:00:00
nessus
nessus
Security Updates for Microsoft SharePoint Server (November 2019)
2019-11-12 00:00:00
JSON
Related for SMNTC-111228
mscve1cve1threatpost4talosblog1kaspersky1cisa1mskb4nessus1