Lucene search
HistoryApr 11, 2023 - 9:15 p.m.
CVE-2023-28288
cve-2023-28288
microsoft
sharepoint
server
spoofing
vulnerability
nvd
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.7 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.1%
Microsoft SharePoint Server Spoofing Vulnerability
Affected configurations
Node
microsoftmicrosoft_sharepoint_enterprise_server_2016Range16.0.0–16.0.5391.1000
ORmicrosoftmicrosoft_sharepoint_enterprise_server_2013_sp1Range15.0.0–15.0.5545.1000sp1
ORmicrosoftmicrosoft_sharepoint_server_2019Range16.0.0–16.0.10397.20002
ORmicrosoftsharepoint_serverRange16.0.0–16.0.16130.20314
ORmicrosoftmicrosoft_sharepoint_foundation_2013_sp1Range15.0.0–15.0.5545.1000sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | microsoft_sharepoint_enterprise_server_2016 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_enterprise_server_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2013_sp1:*:sp1:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_server_2019 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:*:*:*:*:*:*:*:* |
| microsoft | sharepoint_server | * | cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:* |
| microsoft | microsoft_sharepoint_foundation_2013_sp1 | * | cpe:2.3:a:microsoft:microsoft_sharepoint_foundation_2013_sp1:*:sp1:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2016",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.5391.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Enterprise Server 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5545.1000",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server 2019",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.10397.20002",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Server Subscription Edition",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.16130.20314",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft SharePoint Foundation 2013 Service Pack 1",
"cpes": [
"cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.0.5545.1000",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Microsoft SharePoint Server Spoofing Vulnerability
2023-04-11 07:00:00
mskb
mskb
nessus
nessus
Security Updates for Microsoft SharePoint Server 2016 (March 2023)
2023-04-11 00:00:00
Security Updates for Microsoft SharePoint Server 2013 (April 2023)
2023-04-11 00:00:00
Security Updates for Microsoft SharePoint Server 2019 (April 2023)
2023-04-11 00:00:00
nvd
nvd
CVE-2023-28288
2023-04-11 21:15:27
cnvd
cnvd
Microsoft SharePoint Server Spoofing Vulnerability (CNVD-2023-72199)
2023-04-13 00:00:00
cvelist
cvelist
CVE-2023-28288 Microsoft SharePoint Server Spoofing Vulnerability
2023-04-11 19:13:18
zdi
zdi
packetstorm
packetstorm
Microsoft SharePoint Enterprise Server 2016 Spoofing
2023-06-27 00:00:00
zdt
zdt
Microsoft SharePoint Enterprise Server 2016 - Spoofing Exploit
2023-06-26 00:00:00
prion
prion
Spoofing
2023-04-11 21:15:00
exploitdb
exploitdb
Microsoft SharePoint Enterprise Server 2016 - Spoofing
2023-06-26 00:00:00
kaspersky
kaspersky
KLA48823 Multiple vulnerabilities in Microsoft Office
2023-04-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - April 2023
2023-04-11 22:49:56
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.7 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.1%
Related for CVE-2023-28288