Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2017-8514
HistoryJun 15, 2017 - 1:29 a.m.

CVE-2017-8514

2017-06-1501:29:03
CWE-79
microsoft
web.nvd.nist.gov
51
2
cve-2017-8514
information disclosure
vulnerability
microsoft sharepoint
nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.4

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

An information disclosure vulnerability exists when Microsoft SharePoint software fails to properly sanitize a specially crafted requests, aka “Microsoft SharePoint Reflective XSS Vulnerability”.

Affected configurations

Nvd
Vulners
Node
microsoftsharepoint_enterprise_serverMatch2016-
VendorProductVersionCPE
microsoftsharepoint_enterprise_server2016cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:-:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Microsoft SharePoint",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft SharePoint Enterprise Server 2016"
      }
    ]
  }
]

Social References

More

Related

symantec 1
mscve 1
prion 1
cvelist 1
nvd 1
seebug 1
kaspersky 2
mskb 1
openvas 2
nessus 1
talosblog 1
trendmicroblog 1
symantec
symantec
Microsoft SharePoint CVE-2017-8514 Cross Site Scripting Vulnerability
2017-06-13 00:00:00
mscve
mscve
Microsoft SharePoint Reflective XSS Vulnerability
2017-06-13 07:00:00
prion
prion
Information disclosure
2017-06-15 01:29:00
cvelist
cvelist
CVE-2017-8514
2017-06-15 01:00:00
nvd
nvd
CVE-2017-8514
2017-06-15 01:29:03
seebug
seebug
A Look at --- SharePoint's Follow Feature XSS(CVE-2017-8514 )
2017-06-14 00:00:00
kaspersky
kaspersky
KLA11053 XSS vulnerabilities in Microsoft Sharepoint
2017-06-13 00:00:00
KLA11049 Multiple vulnerabilities in Microsoft Office
2017-06-13 00:00:00
mskb
mskb
Description of the security update for SharePoint Server 2016: June 13, 2017
2017-06-13 07:00:00
openvas
openvas
Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB3203432)
2017-06-14 00:00:00
Microsoft SharePoint Enterprise Server 2013 Unspecified Vulnerability (KB3203387)
2017-06-15 00:00:00
nessus
nessus
Security Update for Microsoft SharePoint Server (June 2017)
2017-06-14 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - June 2017
2017-06-13 13:48:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017
2017-06-16 12:00:40

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.4

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON
Related for CVE-2017-8514
symantec1mscve1prion1cvelist1nvd1seebug1kaspersky2mskb1openvas2nessus1talosblog1trendmicroblog1