Vulnerability Manager Plus

Microsoft SharePoint Elevation of Privilege Vulnerability for Microsoft SharePoint Enterprise Server 2016 (KB4011217)

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

90.484%

CVE Information

Source CVE
CVE-2017-11826

Associated CVE
CVE-2017-11826
CVE-2017-11777
CVE-2017-11775
CVE-2017-11820

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
23342

Patch Description
Security Update for Microsoft SharePoint Enterprise Server 2016 (KB4011217)

References

http://www.securityfocus.com/bid/101097
http://www.securityfocus.com/bid/101219
http://www.securitytracker.com/id/1039540
http://www.securitytracker.com/id/1039541
https://0patch.blogspot.com/2017/11/0patching-pretty-nasty-microsoft-word.html
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-11820
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-11826
https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability/
https://www.tarlogic.com/en/blog/exploiting-word-cve-2017-11826/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-11777
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-11775