CyberSec.Space Logo
Back to CVE Browser

CVE-2018-0909

HIGH
8.8
CVSS Severity Score
EPSS Score0.0740%
EPSS Percentile42.74th
PublishedMar 14, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0910, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Project Server

= 2013
πŸ“¦
Microsoft

Sharepoint Enterprise Server

= 2016

References & Advisories

πŸ”— http://www.securityfocus.com/bid/103279
πŸ”— http://www.securitytracker.com/id/1040513
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0909
πŸ”— http://www.securityfocus.com/bid/103279
πŸ”— http://www.securitytracker.com/id/1040513
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0909

Related Vulnerabilities

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2011-451310.0

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels S...

CVE-2004-176310.0

Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of ser...

CVE-2020-151499.9

NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the p...