Lucene search
HistoryOct 11, 2022 - 7:15 p.m.
CVE-2022-41037
cve-2022-41037
microsoft
sharepoint
server
remote code execution
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.9%
Microsoft SharePoint Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftmicrosoft_sharepoint_enterprise_server_2016Range16.0.0–16.0.5365.1000
ORmicrosoftmicrosoft_sharepoint_enterprise_server_2013_sp1Range15.0.0–15.0.5493.1000sp1
ORmicrosoftmicrosoft_sharepoint_server_2019Range16.0.0–16.0.10391.20000
ORmicrosoftsharepoint_serverRange16.0.0–16.0.15601.20158
ORmicrosoftmicrosoft_sharepoint_foundation_2013_sp1Range15.0.0–15.0.5493.1000sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server_2016 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_enterprise_server_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2013_sp1:*:sp1:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_server_2019 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:*:*:*:*:*:*:*:* |
| microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_foundation_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_foundation_2013_sp1:*:sp1:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2016",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.5365.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5493.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server 2019",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.10391.20000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server Subscription Edition",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.15601.20158",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Foundation 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5493.1000",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
nvd
nvd
CVE-2022-41037
2022-10-11 19:15:20
prion
prion
Remote code execution
2022-10-11 19:15:00
cvelist
cvelist
mscve
mscve
Microsoft SharePoint Server Remote Code Execution Vulnerability
2022-10-11 07:00:00
mskb
mskb
nessus
nessus
Security Updates for Microsoft SharePoint Server Subscription Edition (October 2022)
2022-10-11 00:00:00
Security Updates for Microsoft SharePoint Server 2013 (October 2022)
2022-10-11 00:00:00
Security Updates for Microsoft SharePoint Server 2019 (October 2022)
2022-10-11 00:00:00
kaspersky
kaspersky
KLA20002 Multiple vulnerabilities in Microsoft Office
2022-10-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - October 2022
2022-10-11 18:35:28
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.9%
Related for CVE-2022-41037