Home

CVE-2021-42294

Description

Microsoft SharePoint Server Remote Code Execution Vulnerability

Risk Information

Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.951

Associated Vulnerability

VulnerabilityOS Platform
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB5002008)Windows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB5002015)Windows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Server 2019 Core (KB5002054) farm-deploymentWindows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB5002055) farm-deploymentWindows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB5002059) farm-deploymentWindows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Server 2019 Language Pack (KB5002061)Windows
Microsoft SharePoint Server Remote Code Execution Vulnerability for Microsoft SharePoint Foundation 2013 (KB5002071)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-32596Security Update for Microsoft SharePoint Enterprise Server 2013 (KB5002008)
PATCH-32593Security Update for Microsoft SharePoint Foundation 2013 (KB5002015)
PATCH-32583Security Update for Microsoft SharePoint Enterprise Server 2016 (KB5002055) farm-deployment
PATCH-32597Security Update for Microsoft SharePoint Enterprise Server 2016 (KB5002059) farm-deployment
PATCH-32595Security Update for Microsoft SharePoint Server 2019 Language Pack (KB5002061)
PATCH-32592Security Update for Microsoft SharePoint Foundation 2013 (KB5002071)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234