CVE-2019-1443
Description
An information disclosure vulnerability exists in Microsoft SharePoint when an attacker uploads a specially crafted file to the SharePoint Server.An authenticated attacker who successfully exploited this vulnerability could potentially leverage SharePoint functionality to obtain SMB hashes.The security update addresses the vulnerability by correcting how SharePoint checks file content., aka Microsoft SharePoint Information Disclosure Vulnerability.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
14.453
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft SharePoint Information Disclosure Vulnerability for Microsoft SharePoint Foundation 2010 (KB4484165) | Windows |
| Microsoft SharePoint Information Disclosure Vulnerability for Microsoft SharePoint Foundation 2013 (KB4484157) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-27813 | Security Update for Microsoft SharePoint Foundation 2013 (KB4484157) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234