CVE-2020-1295

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to insufficient access controls in Microsoft SharePoint, allowing a remote attacker to elevate their privileges using a specially crafted request. This could enable the attacker to impersonate another user of the SharePoint server. An authenticated attacker would need to send a specially crafted request to an affected server to exploit this issue.

Recommendations For Microsoft SharePoint Server, apply the necessary security updates or patches to resolve the issue. For Microsoft SharePoint Enterprise Server, apply the necessary security updates or patches to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the SharePoint server to minimize the risk of exploitation.