CVE-2018-0923 Information

Description

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized aka \Microsoft SharePoint Elevation of Privilege Vulnerability. This CVE is unique from CVE-2018-0909 CVE-2018-0910. CVE-2018-0911 CVE-2018-0912 CVE-2018-0913 CVE-2018-0914 CVE-2018-0915 CVE-2018-0916 CVE-2018-0917 CVE-2018-0921 CVE-2018-0944 and CVE-2018-0947.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/103308 http://www.securitytracker.com/id/1040513 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0923

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8