CVE-2019-0952 — Microsoft Sharepoint Enterprise Server vulnerability
4 documents4 sources
Severity
8.8HIGHNVD
EPSS
36.1%
top 2.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 16
Latest updateMay 24
Description
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages4 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-qrf4-v7w7-vc33: A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP↗2022-05-24
CVEList▶
CVE-2019-0952: A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP↗2019-05-16