Lucene search
HistorySep 13, 2022 - 7:15 p.m.
CVE-2022-35823
cve-2022-35823
nvd
microsoft sharepoint
remote code execution
vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.4%
Microsoft SharePoint Remote Code Execution Vulnerability
Affected configurations
Node
microsoftmicrosoft_sharepoint_enterprise_server_2016Range16.0.0–16.0.5361.1002
ORmicrosoftmicrosoft_sharepoint_enterprise_server_2013_sp1Range15.0.0–15.0.5485.1000sp1
ORmicrosoftmicrosoft_sharepoint_server_2019Range16.0.0–16.0.10390.20000
ORmicrosoftsharepoint_serverRange16.0.0–16.0.15601.20052
ORmicrosoftmicrosoft_sharepoint_foundation_2013_sp1Range15.0.0–15.0.5485.1000sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server_2016 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_enterprise_server_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2013_sp1:*:sp1:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_server_2019 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:*:*:*:*:*:*:*:* |
| microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_foundation_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_foundation_2013_sp1:*:sp1:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2016",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.5361.1002",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5485.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server 2019",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.10390.20000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server Subscription Edition",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.15601.20052",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Foundation 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5485.1000",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-35823 Microsoft SharePoint Remote Code Execution Vulnerability
2022-09-13 00:00:00
zdi
zdi
prion
prion
Remote code execution
2022-09-13 19:15:00
nvd
nvd
CVE-2022-35823
2022-09-13 19:15:11
mscve
mscve
Microsoft SharePoint Remote Code Execution Vulnerability
2022-09-13 07:00:00
nessus
nessus
Security Updates for Microsoft SharePoint Server 2019 (September 2022)
2022-09-16 00:00:00
Security Updates for Microsoft SharePoint Server 2013 (September 2022)
2022-09-16 00:00:00
Security Updates for Microsoft SharePoint Server 2016 (September 2022)
2022-09-16 00:00:00
mskb
mskb
kaspersky
kaspersky
KLA19250 Multiple vulnerabilities in Microsoft Office
2022-09-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2022
2022-09-13 20:11:08
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.022 Low
EPSS
Percentile
89.4%
Related for CVE-2022-35823