This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS22_JUN_OFFICE_SHAREPOINT_SUBSCR.NASLSecurity Updates for Microsoft SharePoint Server Subscription Edition (June 2022)
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.4%
The Microsoft SharePoint Server Subscription Edition installation on the remote host on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities:
-
A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-30157, CVE-2022-30158)
-
An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2022-30159, CVE-2022-30171, CVE-2022-30172)
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(162192);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/06");
script_cve_id(
"CVE-2022-30157",
"CVE-2022-30158",
"CVE-2022-30159",
"CVE-2022-30171",
"CVE-2022-30172"
);
script_xref(name:"MSKB", value:"5002224");
script_xref(name:"MSFT", value:"MS22-5002224");
script_xref(name:"IAVA", value:"2022-A-0237-S");
script_name(english:"Security Updates for Microsoft SharePoint Server Subscription Edition (June 2022)");
script_set_attribute(attribute:"synopsis", value:
"The Microsoft SharePoint Server Subscription Edition installation on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The Microsoft SharePoint Server Subscription Edition installation on the remote host on the remote host is missing
security updates. It is, therefore, affected by multiple vulnerabilities:
- A remote code execution vulnerability. An attacker can
exploit this to bypass authentication and execute
unauthorized arbitrary commands. (CVE-2022-30157, CVE-2022-30158)
- An information disclosure vulnerability. An attacker can
exploit this to disclose potentially sensitive
information. (CVE-2022-30159, CVE-2022-30171, CVE-2022-30172)");
script_set_attribute(attribute:"see_also", value:"https://support.microsoft.com/en-us/help/5002224");
script_set_attribute(attribute:"solution", value:
"Microsoft has released KB5002224 to address this issue.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-30157");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-30158");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/14");
script_set_attribute(attribute:"patch_publication_date", value:"2022/06/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/06/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:sharepoint_server:subscription");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("microsoft_sharepoint_installed.nbin", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, "Host/patch_management_checks");
exit(0);
}
include('vcf_extras_microsoft.inc');
var app_info = vcf::microsoft::sharepoint::get_app_info();
var kb_checks =
[
{
'product' : 'Subscription Edition',
'edition' : 'Server',
'kb' : '5002224',
'path' : app_info.path,
'version' : '16.0.14931.20418',
'append' : 'webservices\\conversionservices',
'file' : 'pptconversion.dll',
'product_name' : 'Microsoft SharePoint Enterprise Server Subscription Edition'
}
];
vcf::microsoft::sharepoint::check_version_and_report
(
app_info:app_info,
bulletin:'MS22-06',
constraints:kb_checks,
severity:SECURITY_WARNING
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | sharepoint_server | subscription | cpe:/a:microsoft:sharepoint_server:subscription |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30157
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30159
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30171
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30172
support.microsoft.com/en-us/help/5002224
Related
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.016 Low
EPSS
Percentile
87.4%