CVE-2021-31173Sensitive Information Exposure in Microsoft Sharepoint Enterprise Server 2016

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
6.5MEDIUMNVD
CNA5.3
EPSS
5.2%
top 10.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Microsoft Sharepoint Enterprise Server 2016Microsoft Sharepoint Foundation 2013 Service Pack 1Microsoft Sharepoint Server 2019+2 more
Timeline
PublishedMay 11
Latest updateMay 24

Description

Microsoft SharePoint Server Information Disclosure Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5microsoft/microsoft_sharepoint_server_201916.0.016.0.10374.20000
CVEListV5microsoft/microsoft_sharepoint_enterprise_server_201616.0.016.0.5161.1000
NVDmicrosoft/sharepoint_server2016, 2019+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-9hc6-hcmg-qj26: Microsoft SharePoint Server Information Disclosure Vulnerability2022-05-24
CVEList
Microsoft SharePoint Server Information Disclosure Vulnerability2021-05-11

📋Vendor Advisories

1
Microsoft
Microsoft SharePoint Server Information Disclosure Vulnerability2021-05-11
CVE-2021-31173 — Sensitive Information Exposure | cvebase