This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Microsoft SharePoint. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the userphoto endpoint. The issue results from the exposure of sensitive information. An attacker can leverage this vulnerability to disclose information in the context of the SharePoint server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows server 2012 r2 |
||
microsoft windows server 2016 - |
||
microsoft windows server 2008 - |
||
microsoft windows server 2008 r2 |
||
microsoft windows server 2012 - |
||
microsoft windows server 2022 - |
||
microsoft windows 11 22h2 |
||
microsoft windows 10 1809 |
||
microsoft windows 10 20h2 |
||
microsoft windows 11 21h2 |
||
microsoft windows 10 21h2 |
||
microsoft windows 10 22h2 |
||
microsoft windows 10 1607 |
||
microsoft windows 10 1507 |
||
microsoft sharepoint enterprise server 2016 |
||
microsoft sharepoint server 2019 |
||
microsoft sharepoint server - |