CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31963 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31963
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-26420, CVE-2021-31966 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31963 •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31950 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-31950
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-31948, CVE-2021-31964 Microsoft SharePoint Server version 16.0.10372.20060 suffers from a GetXmlDataFromDataSource server-side request forgery vulnerability. • https://www.exploit-db.com/exploits/49982 http://packetstormsecurity.com/files/163080/Microsoft-SharePoint-Server-16.0.10372.20060-Server-Side-Request-Forgery.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31950 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-31948 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-31948
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-31950, CVE-2021-31964 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31948 •
CVSS: 8.8EPSS: 9%CPEs: 3EXPL: 0CVE-2021-26420 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26420
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-31963, CVE-2021-31966 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the System.Workflow.ComponentModel.Compiler.WorkflowCompilerInternal class. This class allows an attacker to specify a path to an arbitrary workflow definition file. An attacker can leverage this vulnerability to execute code in the context of the web service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26420 https://www.zerodayinitiative.com/advisories/ZDI-21-755 •
CVSS: 8.8EPSS: 47%CPEs: 3EXPL: 1CVE-2021-31181 – Microsoft SharePoint Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31181
Microsoft SharePoint Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of server-side controls in WebParts. By specifying a control using a non-canonical string, an unsafe server-side control can be instantiated. An attacker can leverage this vulnerability to execute code in the context of the service account. • http://packetstormsecurity.com/files/163208/Microsoft-SharePoint-Unsafe-Control-And-ViewState-Remote-Code-Execution.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31181 https://www.zerodayinitiative.com/advisories/ZDI-21-573 •