Security features bypass in Microsoft products - CVE-2022-21968
Published: February 8, 2022
Vulnerability identifier: #VU60416
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-21968
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Microsoft
Affected software:
Microsoft SharePoint Server
Microsoft SharePoint Foundation
Microsoft SharePoint Server Subscription Edition
Microsoft SharePoint Enterprise Server
Microsoft SharePoint Server
Microsoft SharePoint Foundation
Microsoft SharePoint Server Subscription Edition
Microsoft SharePoint Enterprise Server
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error in Microsoft SharePoint Server. A remote authenticated attacker can gain access to sensitive information.
How to mitigate CVE-2022-21968
Install updates from vendor's website.