Lucene search
Mr_meZDI-21-830HistoryJul 19, 2021 - 12:00 a.m.
Microsoft SharePoint Missing Check of Message Integrity Vulnerability
2021-07-1900:00:00
mr_me
www.zerodayinitiative.com
32
sharepoint vulnerability
message integrity
network-adjacent attackers
user interaction
update downloads
arbitrary code execution
service account.
EPSS
0.517
Percentile
97.6%
This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft SharePoint. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of SharePoint Help updates. The issue results from a missing integrity check on update downloads. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account.
Related
mscve
mscve
Microsoft SharePoint Server Information Disclosure Vulnerability
2021-07-13 07:00:00
cvelist
cvelist
cve
cve
CVE-2021-34519
2021-07-14 18:15:12
mskb
mskb
prion
prion
Information disclosure
2021-07-14 18:15:00
nvd
nvd
CVE-2021-34519
2021-07-14 18:15:12
nessus
nessus
Security Updates for Microsoft Sharepoint 2016 (July 2021)
2021-07-13 00:00:00
Security Updates for Microsoft SharePoint Server 2013 (July 2021)
2021-07-13 00:00:00
kaspersky
kaspersky
KLA12220 Multiple vulnerabilities in Microsoft Office
2021-07-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - July 2021
2021-07-13 20:56:26