CVSS: 5.3EPSS: 51%CPEs: 3EXPL: 0CVE-2021-34519 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-34519
Microsoft SharePoint Server Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información de Microsoft SharePoint Server This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft SharePoint. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of SharePoint Help updates. The issue results from a missing integrity check on update downloads. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34519 https://www.zerodayinitiative.com/advisories/ZDI-21-830 •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-34517 – Microsoft SharePoint Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-34517
Microsoft SharePoint Server Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad en Microsoft SharePoint Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34517 •
CVSS: 8.0EPSS: 2%CPEs: 3EXPL: 0CVE-2021-34468 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34468
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-34467, CVE-2021-34520 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft SharePoint. User interaction is required to exploit this vulnerability. The specific flaw exists within the parsing of CAB files. When handling filenames specified within a CAB file, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the service account. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34468 https://www.zerodayinitiative.com/advisories/ZDI-21-829 •
CVSS: 7.2EPSS: 1%CPEs: 4EXPL: 0CVE-2021-31966 – Microsoft SharePoint Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31966
Microsoft SharePoint Server Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft SharePoint Server. Este ID de CVE es diferente de CVE-2021-26420, CVE-2021-31963 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31966 •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2021-31965 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-31965
Microsoft SharePoint Server Information Disclosure Vulnerability Una vulnerabilidad de Divulgación de Información en Microsoft SharePoint Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31965 •