CVE-2021-43242Improper Input Validation in Microsoft Sharepoint Enterprise Server 2016

CWE-20Improper Input Validation5 documents5 sources
Severity
5.7MEDIUMNVD
CNA7.6
EPSS
1.0%
top 22.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft Sharepoint Enterprise Server 2016Microsoft Sharepoint Foundation 2013 Service Pack 1Microsoft Sharepoint Server 2019+4 more
Timeline
PublishedDec 15
Latest updateFeb 8

Description

Microsoft SharePoint Server Spoofing Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:NExploitability: 2.1 | Impact: 3.6

Affected Packages7 packages

CVEListV5microsoft/microsoft_sharepoint_server_201916.0.016.0.10381.20001
CVEListV5microsoft/microsoft_sharepoint_enterprise_server_201616.0.016.0.5254.1000
CVEListV5microsoft/microsoft_sharepoint_server_subscription_edition16.0.016.0.14326.20620

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

3
OSV
libde265 vulnerabilities2024-02-08
GHSA
GHSA-7m2h-6799-f3jr: Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-423202021-12-16
CVEList
Microsoft SharePoint Server Spoofing Vulnerability2021-12-15

📋Vendor Advisories

1
Microsoft
Microsoft SharePoint Server Spoofing Vulnerability2021-12-14
CVE-2021-43242 — Improper Input Validation in Microsoft | cvebase