ID de Prueba:	1.3.6.1.4.1.25623.1.0.811035
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft SharePoint Foundation Privilege Elevation Vulnerability (3191914)
Resumen:	This host is missing an important security; update for Microsoft SharePoint Foundation according to Microsoft KB3191914
Descripción:	Summary: This host is missing an important security update for Microsoft SharePoint Foundation according to Microsoft KB3191914 Vulnerability Insight: The flaw exists as SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. Vulnerability Impact: Successful exploitation will allow an attacker to perform cross-site scripting attacks on affected systems and run script in the security context of the current user. These attacks could allow the attacker to read content that the attacker is not authorized to read, use the victim's identity to take actions on the SharePoint site on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim. Affected Software/OS: Microsoft SharePoint Foundation 2013 Service Pack 1. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Referencia Cruzada:	BugTraq ID: 98107 Common Vulnerability Exposure (CVE) ID: CVE-2017-0255 http://www.securityfocus.com/bid/98107
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.