CVE-2022-21968Improper Authentication in Microsoft Sharepoint Enterprise Server 2016

CWE-287Improper Authentication4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
1.0%
top 22.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft Sharepoint Enterprise Server 2016Microsoft Sharepoint Foundation 2013 Service Pack 1Microsoft Sharepoint Server 2019+4 more
Timeline
PublishedFeb 9
Latest updateFeb 10

Description

Microsoft SharePoint Server Security Feature Bypass Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages7 packages

CVEListV5microsoft/microsoft_sharepoint_server_201916.0.016.0.10383.20001
CVEListV5microsoft/microsoft_sharepoint_enterprise_server_201616.0.016.0.5278.1000
CVEListV5microsoft/microsoft_sharepoint_server_subscription_edition16.0.016.0.14326.20742

🔴Vulnerability Details

2
GHSA
GHSA-gw5x-mfp3-c35v: Microsoft SharePoint Server Security Feature BypassVulnerability2022-02-10
CVEList
Microsoft SharePoint Server Security Feature Bypass Vulnerability2022-02-09

📋Vendor Advisories

1
Microsoft
Microsoft SharePoint Server Security Feature Bypass Vulnerability2022-02-08
CVE-2022-21968 — Improper Authentication in Microsoft | cvebase