These issues are publicly documented, but are not yet assigned Common Vulnerabilities and Exposures (CVE) numbers. We will update this post when the vulnerabilities are assigned CVE numbers. The Microsoft SharePoint Products are prone to a remote code execution vulnerability. This could permit a remote attacker to take complete control of an affected system. Microsoft SharePoint Server 2010, 2013, 2016, 2019 and Office 365 are vulnerable. This vulnerability affects all versions of SharePoint, including SharePoint Foundation, Enterprise, Agency, and Hosted. Microsoft SharePoint Server 2019 is recommended. CVE-2022 is an elevation of privilege vulnerability that can be exploited by a low privileged user to take complete control of the system. It could also be exploited by a remote attacker. To exploit this issue, a user must click on a specially crafted link. A successful exploit could lead to complete system takeover. What Systems are Affected by this Vulnerability? - SharePoint Server 2010, 2013, 2016, 2019 and Office 365 - Hosted SharePoint on premises or Azure cloud platforms - Open source or custom applications using SharePoint APIs
Microsoft SharePoint Server 2010
, 2013, 2016, 2019 and Office 365 are vulnerable to a remote code execution vulnerability
Microsoft SharePoint Products are prone to a remote code execution vulnerability. This could permit a remote attacker to take complete control of an affected system. Microsoft SharePoint Server 2010, 2013, 2016, 2019 and Office 365 are vulnerable. This vulnerability affects all versions of SharePoint, including SharePoint Foundation, Enterprise, Agency, and Hosted. Microsoft SharePoint Server 2019 is recommended. CVE-2022 is an elevation of privilege vulnerability that can be exploited by a low privileged user to take complete control of the system. It could also be exploited by a remote attacker. To exploit this issue, a user must click on a specially crafted link. A successful exploit could lead to complete system takeover
Vulnerability overview
The following is a summary of the vulnerability. For detailed information about exploitation of this issue, please visit the vendor's website: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022
An elevation of privilege vulnerability exists in SharePoint due to improper authentication and authorization controls for web requests from anonymous users. This vulnerability could be exploited by an unauthenticated user to take complete control of the system without permission or knowledge of the user as long as they are able to click on a specially crafted link.
How Does this Vulnerability Occur?
To exploit this vulnerability, a user must click on a specially crafted link. A successful exploit could lead to complete system takeover.
If you use Microsoft SharePoint Server 2010, 2013, 2016, 2019 and Office 365, we recommend applying the latest update (KB4470172) which addresses CVE-2022-41037.
SharePoint Server 2010, 2013, 2016, 2019 and Office 365
SharePoint Server 2010, 2013, 2016, 2019 and Office 365 are vulnerable. SharePoint Server 2019 is recommended.
How to Mitigate the Problem:
- Microsoft has released an out-of-cycle update that addresses this issue. Please refer to the following article for more information: https://support.microsoft.com/en-us/help/4073080/sharepoint-server-2010,-2013,-2016,-2019-and-office-365
- Run all applicable updates for SharePoint
FAQs:
Q: If I am running SharePoint Server 2010 or 2013, what do I need to do?
A: You need to run SharePoint Server 2016 or 2019 which have additional security updates that will address this vulnerability. Otherwise, you can follow the steps listed in Microsoft's article linked above.
Timeline
Published on: 10/11/2022 19:15:00 UTC
Last modified on: 10/12/2022 16:51:00 UTC