This vulnerability allows remote malicious users to relay NTLM credentials on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the AdRotator WebControl. The issue results from the lack of proper input validation. An attacker can leverage this vulnerability to relay NTLM credentials of the service account.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft sharepoint enterprise server 2016 |
||
microsoft sharepoint server 2019 |
||
microsoft sharepoint server - |