First published: Wed Dec 15 2021(Updated: )
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-42309.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SharePoint Enterprise Server | =2013-sp1 | |
Microsoft SharePoint Enterprise Server | =2016 | |
Microsoft SharePoint Foundation | =2013-sp1 | |
Microsoft SharePoint Server | ||
Microsoft SharePoint Server | =language_pack | |
Microsoft SharePoint Server | =2019 | |
=2013-sp1 | ||
=2016 | ||
=2013-sp1 | ||
=language_pack | ||
=2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-42294 is a remote code execution vulnerability in Microsoft SharePoint Server.
CVE-2021-42294 has a severity value of 7.2, which is considered high.
Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Foundation 2013 SP1, Microsoft SharePoint Server, Microsoft SharePoint Server Language Pack, and Microsoft SharePoint Server 2019 are affected by CVE-2021-42294.
CVE-2021-42294 allows remote attackers to execute arbitrary code on a vulnerable Microsoft SharePoint Server, potentially leading to a complete compromise of the system.
Yes, Microsoft has released security updates to address CVE-2021-42294. It is recommended to apply the latest security updates as soon as possible.