Lucene search
AnonymousZDI-20-694HistoryJun 09, 2020 - 12:00 a.m.
Microsoft SharePoint Server Web Part Remote Code Execution Vulnerability
2020-06-0900:00:00
Anonymous
www.zerodayinitiative.com
9
0.297 Low
EPSS
Percentile
97.0%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of Web Parts. When creating a SharePoint page, an attacker can upload XML containing an arbitrary Web Part definition. An attacker can leverage this vulnerability to execute code in the context of the service account.
Related
nvd
nvd
CVE-2020-1181
2020-06-09 20:15:13
cve
cve
CVE-2020-1181
2020-06-09 20:15:13
cvelist
cvelist
CVE-2020-1181
2020-06-09 19:43:19
prion
prion
Remote code execution
2020-06-09 20:15:00
mscve
mscve
Microsoft SharePoint Server Remote Code Execution Vulnerability
2020-06-09 07:00:00
mskb
mskb
qualysblog
qualysblog
nessus
nessus
Security Updates for Microsoft SharePoint Server (June 2020)
2020-06-09 00:00:00
threatpost
threatpost
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
2020-06-09 19:28:54
kaspersky
kaspersky
KLA11808 Multiple vulnerabilities in Microsoft Office
2020-06-09 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday June 2020: The Bleeding Ghost of SMB
2020-06-23 01:31:46