<p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p>
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16948 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
31 Dec 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p> <p>The security update addresses the vulnerability by correcting how Microsoft SharePoint Server handles objects in memory.</p> |
Information
Published : 2020-10-16 23:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-16948
Mitre link : CVE-2020-16948
CVE.ORG link : CVE-2020-16948
JSON object : View
Products Affected
microsoft
- sharepoint_foundation
- sharepoint_enterprise_server
- sharepoint_server
CWE