First published: Tue Jun 08 2021(Updated: )
Microsoft SharePoint Server Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SharePoint Enterprise Server | =2016 | |
Microsoft SharePoint Foundation | =2013-sp1 | |
Microsoft SharePoint Server | =2019 | |
Microsoft SharePoint | ||
Microsoft SharePoint Server 2019 | ||
Microsoft SharePoint Enterprise Server 2016 | ||
Microsoft SharePoint Foundation 2013 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-26420 is a vulnerability in Microsoft SharePoint that allows remote attackers to execute arbitrary code on affected installations.
The severity of CVE-2021-26420 is high, with a CVSS score of 7.5.
CVE-2021-26420 affects Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Foundation 2013 SP1, and Microsoft SharePoint Server 2019.
To fix CVE-2021-26420 in Microsoft SharePoint Enterprise Server 2016, you can apply the patch provided by Microsoft or follow the remediation steps mentioned in the Microsoft knowledge base article.
You can find more information about CVE-2021-26420 on the Microsoft Security Response Center website and the Zero Day Initiative advisory.