Vulnerability Description
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
CVSS Score
8.8
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Sharepoint Enterprise Server | 2016 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102068Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039995Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-1193Issue TrackingPatchVendor Advisory
- http://www.securityfocus.com/bid/102068Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039995Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-1193Issue TrackingPatchVendor Advisory
FAQ
What is CVE-2017-11936?
CVE-2017-11936 is a vulnerability with a CVSS score of 8.8 (HIGH). Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
How severe is CVE-2017-11936?
CVE-2017-11936 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-11936?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Sharepoint Enterprise Server.