What is CVE-2022-38008?

CVE-2022-38008 is a remote code execution vulnerability in Microsoft SharePoint Server.

Which versions of SharePoint Server are affected by CVE-2022-38008?

SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server Subscription Edition Language Pack are affected by CVE-2022-38008.

What is the severity rating of CVE-2022-38008?

The severity rating of CVE-2022-38008 is high with a CVSS score of 8.8.

How can I fix CVE-2022-38008?

You can fix CVE-2022-38008 by applying the relevant security patches provided by Microsoft for the affected SharePoint Server versions.

Where can I find more information about CVE-2022-38008?

You can find more information about CVE-2022-38008 on the Microsoft Security Response Center website at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38008

Vulnerability/
CVE-2022-38008

13/9/2022

20/12/2023

CVE-2022-38008: Microsoft SharePoint Server Remote Code Execution Vulnerability

First published: Tue Sep 13 2022(Updated: )

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft SharePoint Enterprise Server	=2013-sp1
Microsoft SharePoint Enterprise Server	=2016
Microsoft SharePoint Foundation	=2013-sp1
Microsoft SharePoint Server
Microsoft SharePoint Server	=language_pack
Microsoft SharePoint Server	=2019
Microsoft SharePoint Server Subscription Edition		fix available externally
Microsoft SharePoint Foundation 2013		fix available externally fix available externally
Microsoft SharePoint Enterprise Server 2016		fix available externally fix available externally
Microsoft SharePoint Enterprise Server 2013		fix available externally fix available externally fix available externally
Microsoft SharePoint Server 2019		fix available externally fix available externally
Microsoft SharePoint Server Subscription Edition Language Pack		fix available externally

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38008 (Advisory)

Frequently Asked Questions

What is CVE-2022-38008?
CVE-2022-38008 is a remote code execution vulnerability in Microsoft SharePoint Server.
Which versions of SharePoint Server are affected by CVE-2022-38008?
SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server Subscription Edition Language Pack are affected by CVE-2022-38008.
What is the severity rating of CVE-2022-38008?
The severity rating of CVE-2022-38008 is high with a CVSS score of 8.8.
How can I fix CVE-2022-38008?
You can fix CVE-2022-38008 by applying the relevant security patches provided by Microsoft for the affected SharePoint Server versions.
Where can I find more information about CVE-2022-38008?
You can find more information about CVE-2022-38008 on the Microsoft Security Response Center website at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38008

collector/msrc-cve
collector/nvd-index
collector/mitre-cve
vendor/microsoft
product/sharepoint enterprise server
canonical/microsoft sharepoint enterprise server
product/sharepoint foundation
canonical/microsoft sharepoint foundation
product/sharepoint server
canonical/microsoft sharepoint server
product/sharepoint server subscription edition
canonical/microsoft sharepoint server subscription edition
product/sharepoint foundation 2013
canonical/microsoft sharepoint foundation 2013
product/sharepoint enterprise server 2016
canonical/microsoft sharepoint enterprise server 2016
product/sharepoint enterprise server 2013
canonical/microsoft sharepoint enterprise server 2013
product/sharepoint server 2019
canonical/microsoft sharepoint server 2019
product/sharepoint server subscription edition language pack
canonical/microsoft sharepoint server subscription edition language pack