CVE-2018-0790
Last modified
CVE-2018-0790 is a vulnerability of currently unknown severity. Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789.. EPSS estimates a 5.25% chance of exploitation in the next 30 days.
Description
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Sharepoint Enterprise Server | 2013 | Sp1 |
| Microsoft | Sharepoint Enterprise Server | 2016 | — |
| Microsoft | Sharepoint Foundation | 2010 | Sp2 |
References
- http://www.securityfocus.com/bid/102391Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1040150Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0790Patch, Vendor Advisory
- http://www.securityfocus.com/bid/102391Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1040150Third Party Advisory, VDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0790Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-0790?
How severe is CVE-2018-0790?
How do I fix CVE-2018-0790?
Are you affected by CVE-2018-0790?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST