CVE-2020-1210: A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker…

high8.8CVSS 3.1

AVNACLPRLUINSUCHIHAH

ITW

Exploited in the wild

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint. The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.

Affected

15 ranges

Vendor	Product	Version range	Fixed in
microsoft	microsoft_business_productivity_servers_2010_service_pack_2	>= 13.0.0.0 < publication	publication
microsoft	microsoft_sharepoint_enterprise_server_2013_service_pack_1	>= 15.0.0 < publication	publication
microsoft	microsoft_sharepoint_enterprise_server_2016	>= 16.0.0 < publication	publication
microsoft	microsoft_sharepoint_server_2010_service_pack_2	>= 13.0.0.0 < publication	publication
microsoft	microsoft_sharepoint_server_2019	>= 16.0.0 < publication	publication
microsoft	sharepoint_enterprise_server	—	—
microsoft	sharepoint_enterprise_server	—	—
microsoft	sharepoint_foundation	—	—
microsoft	sharepoint_foundation	—	—
microsoft	sharepoint_server	—	—
msrc	microsoft_business_productivity_servers_2010_service_pack_2	—	—
msrc	microsoft_sharepoint_enterprise_server_2013_service_pack_1	—	—
msrc	microsoft_sharepoint_enterprise_server_2016	—	—
msrc	microsoft_sharepoint_server_2010_service_pack_2	—	—
msrc	microsoft_sharepoint_server_2019	—	—

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

vulncheck9.9CRITICAL