PT-2022-1656 · Microsoft · Sharepoint Server Subscription Edition+1
Malacupa
·
Published
2022-02-08
·
Updated
2023-06-29
·
CVE-2022-21987
CVSS v2.0
8.5
High
| Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft SharePoint Server (affected versions not specified)
Microsoft SharePoint Enterprise Server (affected versions not specified)
Microsoft SharePoint Server Subscription Edition (affected versions not specified)
Description
The issue is related to errors in the user interface's information representation. It may allow a remote attacker to perform a spoofing attack.
Recommendations
For Microsoft SharePoint Server, consider restricting access to sensitive areas of the system until a fix is available.
For Microsoft SharePoint Enterprise Server, restrict access to the user interface to minimize the risk of exploitation.
For Microsoft SharePoint Server Subscription Edition, avoid using the system for critical operations until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
UI Misrepresentation of Critical Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sharepoint Server
Sharepoint Server Subscription Edition