Published: 14/03/2018 Updated: 03/10/2019

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Subscribe to Sharepoint Enterprise Server

Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0944.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sharepoint enterprise server 2016
microsoft sharepoint enterprise server 2013

It's March 2018, and your Windows PC can be pwned by a web article (well, none of OURS)

The Register • Shaun Nichols in San Francisco • 13 Mar 2018

Plus plenty of other Microsoft and Adobe bugs to fix

Patch Tuesday Microsoft delivered another hefty bundle of patches with its scheduled monthly update. The March edition of Patch Tuesday lands just hours before researchers are expected to flaunt their latest and greatest exploits at the CanSecWest Pwn2Own hacking competition in Vancouver. Hopefully nobody was planning to use any of the 75 CVE-listed vulnerabilities Microsoft addressed today, including several for the Edge and Internet Explorer browsers that would allow remote code execution. The...

CVE-2018-0947

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect