Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0947.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/103304 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040513 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0944 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/103304 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040513 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0944 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/103304 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1040513 - Third Party Advisory, VDB Entry | |
References | () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0944 - Patch, Vendor Advisory |
Information
Published : 2018-03-14 17:29
Updated : 2024-11-21 03:39
NVD link : CVE-2018-0944
Mitre link : CVE-2018-0944
CVE.ORG link : CVE-2018-0944
JSON object : View
Products Affected
microsoft
- sharepoint_enterprise_server
- project_server
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')