Multiple vulnerabilities in Microsoft SharePoint Server



Published: 2020-09-08
Risk Medium
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2020-1460
CVE-2020-1452
CVE-2020-1453
CVE-2020-1576
CVE-2020-1200
CVE-2020-1205
CVE-2020-1210
CVE-2020-1440
CVE-2020-1523
CVE-2020-1595
CWE-ID CWE-20
CWE-451
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Microsoft SharePoint Server
Server applications / Application servers

Microsoft SharePoint Foundation
Server applications / Application servers

Microsoft Business Productivity Servers
Server applications / Other server solutions

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU46415

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1460

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to the Microsoft SharePoint Server fails to properly identify and filter unsafe ASP.Net web controls. A remote authenticated attacker can create and invoke a specially crafted page and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2013 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1460


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU46414

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1452

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected software fails to check the source markup of an application package. A remote authenticated attacker can upload a specially crafted SharePoint application package and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2013 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1452


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU46413

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1453

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected software fails to check the source markup of an application package. A remote authenticated attacker can upload a specially crafted SharePoint application package and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2013 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1453


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU46408

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1576

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected software fails to check the source markup of an application package. A remote authenticated attacker can upload a specially crafted SharePoint application package and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2010 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1576


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU46406

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1200

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected software fails to check the source markup of an application package. A remote authenticated attacker can upload a specially crafted SharePoint application package and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2016 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1200


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Spoofing attack

EUVDB-ID: #VU46405

Risk: Medium

CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1205

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A remote authenticated attacker can send a specially crafted request and spoof page content.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2016 - 2019

Microsoft SharePoint Foundation: 2010 Service Pack 2 - 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1205


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU46402

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1210

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the affected software fails to check the source markup of an application package. A remote authenticated attacker can upload a specially crafted SharePoint application package and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2010 - 2019

Microsoft Business Productivity Servers: 2010

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

EUVDB-ID: #VU46400

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1440

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the Microsoft SharePoint Server fails to properly handle profile data. A remote authenticated attacker can send a specially modified request to the server and modify a targeted user's profile data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2010 - 2019

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1440


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Input validation error

EUVDB-ID: #VU46399

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1523

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the Microsoft SharePoint Server fails to properly handle profile data. A remote authenticated attacker can send a specially modified request to the server and modify a targeted user's profile data.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2019

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1523


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU46398

Risk: Medium

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-1595

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient validation of user-supplied input in Microsoft SharePoint. A remote authenticated attacker can pass specially crafted input to the application and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2013 - 2019

Microsoft SharePoint Server: 2013

External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1595


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###