CVE-2021-31172 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-31172
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint. Este ID de CVE es diferente de CVE-2021-26418, CVE-2021-28478 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31172 •
CVE-2021-31173 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31173
Microsoft SharePoint Server Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft SharePoint Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31173 •
CVE-2021-31171 – Microsoft SharePoint Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31171
Microsoft SharePoint Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft SharePoint • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31171 •
CVE-2021-28478 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-28478
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad de Microsoft SharePoint. Este ID de CVE es diferente de CVE-2021-26418, CVE-2021-31172 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28478 •
CVE-2021-28474 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28474
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of server-side controls. By specifying a control using a non-canonical string, an unsafe server-side control can be instantiated. An attacker can leverage this vulnerability to execute code in the context of the service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28474 https://www.zerodayinitiative.com/advisories/ZDI-21-574 • CWE-436: Interpretation Conflict •