CVE-2013-0080 — Microsoft Sharepoint Foundation vulnerability

CWE-2644 documents4 sources

Severity

7.5HIGHNVD

EPSS

50.3%

top 2.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Sharepoint Foundation Microsoft Sharepoint Server

Timeline

PublishedMar 13

Latest updateMay 5

Description

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/sharepoint_server2010

▶NVDmicrosoft/sharepoint_foundation2010

🔴Vulnerability Details

GHSA

GHSA-4jx9-jm24-44fx: Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and h↗2022-05-05

▶

CVEList

CVE-2013-0080: Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and h↗2013-03-13

▶

🕵️Threat Intelligence

Zscaler

Zscaler found Multiple Security Vulnerabilities | 03-12-2013↗

▶