CVE-2015-1700Improper Input Validation in Microsoft Sharepoint Foundation

CWE-20Improper Input Validation6 documents5 sources
Severity
6.0MEDIUMNVD
EPSS
20.2%
top 4.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Sharepoint FoundationMicrosoft Sharepoint Server
Timeline
PublishedMay 13
Latest updateMay 14

Description

Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote authenticated users to execute arbitrary code via crafted page content, aka "Microsoft SharePoint Page Content Vulnerabilities."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/sharepoint_server2007, 2010, 2013+2

🔴Vulnerability Details

2
GHSA
GHSA-c986-x39p-86rc: Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote auth2022-05-14
CVEList
CVE-2015-1700: Microsoft SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, and SharePoint Foundation 2013 SP1 allow remote auth2015-05-13

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - May 20152015-05-12
Talos
Microsoft Patch Tuesday - May 20152015-05-12

💬Community

1
Bugzilla
CVE-2015-5190 pcs: Command injection with root privileges.2015-08-12
CVE-2015-1700 — Improper Input Validation in Microsoft | cvebase