Severity Rating: HIGH
Software Affected :
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2016
Overview :
Multiple vulnerabilities exist in Microsoft SharePoint which could allow a
remote attacker to execute arbitrary code on a targeted system.
Description :
These vulnerabilities exist due to improper input validation in Microsoft
SharePoint. A remote attacker can send a specially crafted request and
execute arbitrary code on the targeted system.
Successful exploitation of these vulnerabilities may result in the complete
compromise of a vulnerable system.
Solution :
Apply appropriate patches as mentioned by the vendor.
https://msrc.microsoft.com/update-guide/en-us/
Vendor Information:-
Microsoft :
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17118
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17121
References:-
Microsoft :
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17118
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17121
CVE Name
CVE-2020-17118
CVE-2020-17121
