First published: Tue Jun 09 2020(Updated: )
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SharePoint Enterprise Server | =2016 | |
Microsoft SharePoint Foundation | =2010-sp2 | |
Microsoft SharePoint Foundation | =2013-sp1 | |
Microsoft SharePoint Server | =2019 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-1181 is a vulnerability in Microsoft SharePoint Server that allows remote attackers to execute arbitrary code.
The severity of CVE-2020-1181 is high, with a severity value of 8.8.
CVE-2020-1181 impacts Microsoft SharePoint Server 2016 installations.
An attacker can exploit CVE-2020-1181 by uploading a malicious Web Part when creating a SharePoint page.
To fix CVE-2020-1181, apply the security updates provided by Microsoft.