CVE-2020-0931

Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka Microsoft SharePoint Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0932, CVE-2020-0971, CVE-2020-0974.

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

20.663

Associated Vulnerability

Vulnerability	OS Platform
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB4011584)	Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB4484322)	Windows
Microsoft SharePoint Remote Code Execution Vulnerability for 2010 Microsoft Business Productivity Servers (KB2553306)	Windows
Microsoft SharePoint Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB4484321)	Windows
Microsoft Office SharePoint XSS Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB4484308)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-28787	Security Update for Microsoft SharePoint Foundation 2013 (KB4484322)
PATCH-28741	Security Update for Microsoft SharePoint Foundation 2013 (KB4484321)
PATCH-28742	Security Update for Microsoft SharePoint Enterprise Server 2013 (KB4484308)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234