PT-2020-3798 · Microsoft · Sharepoint Server+1
Cameron Vincent
·
Published
2020-08-11
·
Updated
2024-01-19
·
CVE-2020-1505
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Microsoft SharePoint Server (affected versions not specified)
Microsoft SharePoint Foundation (affected versions not specified)
Microsoft SharePoint Enterprise Server (affected versions not specified)
Description:
An information disclosure issue exists due to improper handling of objects in memory by Microsoft SharePoint Server. This could allow an attacker to obtain information that could further compromise the user's system. To exploit this issue, an attacker would need to log on to an affected system and run a specially crafted application. The security update addresses this by correcting how Microsoft SharePoint Server handles objects in memory.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sharepoint Server
Sharepoint Foundation