Home

CVE-2019-0604

Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka Microsoft SharePoint Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2019-0594.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.415

Associated Vulnerability

VulnerabilityOS Platform
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB4462143)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB4462155)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2010 (KB4461630)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB4462211)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Server 2019 Core (KB4462199)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB4462202)Windows
Microsoft SharePoint Remote Code Execution Vulnerability for 2010 Microsoft Business Productivity Servers (KB4462184)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-26089Security Update for Microsoft SharePoint Foundation 2013 (KB4462143)
PATCH-26191Security Update for Microsoft SharePoint Enterprise Server 2016 (KB4462155)
PATCH-26309Security Update for Microsoft SharePoint Enterprise Server 2016 (KB4462211)
PATCH-26355Security Update for Microsoft SharePoint Enterprise Server 2013 (KB4462202)
PATCH-26356Security Update for 2010 Microsoft Business Productivity Servers (KB4462184)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234