Vulnerability Data

by Reconmap

CVE-2020-1102

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024.

Published at
2020-05-21T23:15Z
1459 days ago
Modified
2020-05-26T18:21Z
1454 days ago
CWE-434
Problem type

Impact

CVSS v3 vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Severity Score Vector

8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References


URLType
portal.msrc.microsoft.com
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102		MISC

GET https://vulnerabilitydata.com/api/details/CVE-2020-1102

{
	"id": "CVE-2020-1102",
	"published_date": "2020-05-21T23:15Z",
	"last_modified_date": "2020-05-26T18:21Z",
	"assigner": "secure@microsoft.com",
	"description": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024.",
	"references": [
		{
			"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102",
			"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102",
			"refsource": "MISC",
			"tags": [
				"Patch",
				"Vendor Advisory"
			]
		}
	],
	"impact": {
		"baseMetricV3": {
			"cvssV3": {
				"version": "3.1",
				"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
				"attackVector": "NETWORK",
				"attackComplexity": "LOW",
				"privilegesRequired": "LOW",
				"userInteraction": "NONE",
				"scope": "UNCHANGED",
				"confidentialityImpact": "HIGH",
				"integrityImpact": "HIGH",
				"availabilityImpact": "HIGH",
				"baseScore": 8.8,
				"baseSeverity": "HIGH"
			},
			"exploitabilityScore": 2.8,
			"impactScore": 5.9
		},
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
				"accessVector": "NETWORK",
				"accessComplexity": "LOW",
				"authentication": "SINGLE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "PARTIAL",
				"availabilityImpact": "PARTIAL",
				"baseScore": 6.5
			},
			"severity": "MEDIUM",
			"exploitabilityScore": 8,
			"impactScore": 6.4,
			"acInsufInfo": false,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-434"
}