发布时间 :2018-06-14 08:29:02
修订时间 :2018-06-15 21:29:09

[原文]An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8254.



- CVSS (基础分值)


- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD

- 其它链接及资源
(UNKNOWN)  BID  104317

- 漏洞信息

Microsoft SharePoint Server CVE-2018-8252 Remote Privilege Escalation Vulnerability
Input Validation Error 104317
Yes No
2018-06-12 12:00:00 2018-06-12 12:00:00
Ashar Javed of Hyundai AutoEver Europe GmbH

- 受影响的程序版本

Microsoft SharePoint Foundation 2013 SP1
- Microsoft IIS 5.0
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
Microsoft SharePoint Enterprise Server 2016 0

- 漏洞讨论

Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input.

An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks.

- 漏洞利用

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at:

- 解决方案

Updates are available. Please see the references or vendor advisory for more information.

- 相关参考