What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2021-27076.

What is the severity of CVE-2021-27076?

The severity of CVE-2021-27076 is high with a CVSS score of 8.8.

Which software versions are affected by CVE-2021-27076?

Microsoft SharePoint Enterprise Server 2016, SharePoint Server 2019, SharePoint Foundation 2013, and Business Productivity Servers 2010 are affected by CVE-2021-27076.

How can I fix CVE-2021-27076?

To fix CVE-2021-27076, apply the respective patches provided by Microsoft for the affected software versions.

Where can I find more information about CVE-2021-27076?

You can find more information about CVE-2021-27076 on the Microsoft Security Response Center advisory page and the Zero Day Initiative advisory page.

Vulnerability/
CVE-2021-27076

high

8.8

9/3/2021

11/3/2021

16/1/2024

3/8/2024

CVE-2021-27076: Microsoft SharePoint InfoPath List Deserialization of Untrusted Data Remote Code Execution Vulnerability

First published: Tue Mar 09 2021(Updated: )

Microsoft SharePoint Server Remote Code Execution Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Business Productivity Servers 2010		fix available externally
Microsoft SharePoint Server 2019		fix available externally
Microsoft SharePoint Foundation 2013		fix available externally
Microsoft SharePoint Enterprise Server 2016		fix available externally
Microsoft Business Productivity Servers	=2010-sp2
Microsoft SharePoint Foundation	=2013-sp1
Microsoft SharePoint Server	=2016
Microsoft SharePoint Server	=2019
Microsoft SharePoint

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27076

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-27076.
What is the severity of CVE-2021-27076?
The severity of CVE-2021-27076 is high with a CVSS score of 8.8.
Which software versions are affected by CVE-2021-27076?
Microsoft SharePoint Enterprise Server 2016, SharePoint Server 2019, SharePoint Foundation 2013, and Business Productivity Servers 2010 are affected by CVE-2021-27076.
How can I fix CVE-2021-27076?
To fix CVE-2021-27076, apply the respective patches provided by Microsoft for the affected software versions.
Where can I find more information about CVE-2021-27076?
You can find more information about CVE-2021-27076 on the Microsoft Security Response Center advisory page and the Zero Day Initiative advisory page.

collector/nvd-index
agent/first-publish-date
agent/last-modified-date
collector/msrc-cve
source/Microsoft
agent/author
agent/type
agent/remedy
agent/title
agent/references
agent/severity
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/zdi-advisory
source/ZDI
alias/ZDI-21-276
alias/ZDI-CAN-12086
alias/CVE-2021-27076
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
agent/event
collector/mitre-cve
source/MITRE
vendor/microsoft
canonical/microsoft business productivity servers
version/microsoft business productivity servers/2010-sp2
canonical/microsoft sharepoint foundation
version/microsoft sharepoint foundation/2013-sp1
canonical/microsoft sharepoint server
version/microsoft sharepoint server/2016
version/microsoft sharepoint server/2019
canonical/microsoft sharepoint
canonical/microsoft sharepoint foundation 2013
canonical/microsoft sharepoint enterprise server 2016
canonical/microsoft sharepoint server 2019
canonical/microsoft business productivity servers 2010