CVE-2013-0084 — Path Traversal in Microsoft Sharepoint Foundation

CWE-22 — Path Traversal4 documents4 sources

Severity

7.5HIGHNVD

EPSS

33.0%

top 3.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Sharepoint Foundation Microsoft Sharepoint Server

Timeline

PublishedMar 13

Latest updateMay 5

Description

Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/sharepoint_server2010

▶NVDmicrosoft/sharepoint_foundation2010

🔴Vulnerability Details

GHSA

GHSA-hcff-292w-f9c6: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intende↗2022-05-05

▶

CVEList

CVE-2013-0084: Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intende↗2013-03-13

▶

🕵️Threat Intelligence

Zscaler

Zscaler found Multiple Security Vulnerabilities | 03-12-2013↗

▶