What is the CVSS score of CVE-2019-0604?

CVE-2019-0604 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 94.4%.

Which versions of Microsoft SharePoint are affected by CVE-2019-0604?

CVE-2019-0604 presents critical security risk, a input validation vulnerability rated CVSS 9.8.. A patch is available.

Is there a public PoC exploit available for CVE-2019-0604?

Yes, a public proof-of-concept exploit is available for CVE-2019-0604. Prioritise patching immediately. EPSS: 94.4%.

How to fix or mitigate CVE-2019-0604?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Vendor patch is available.

Microsoft SharePoint CVE-2019-0604

CRITICAL

Improper Input Validation (CWE-20)

2019-03-05 secure@microsoft.com

9.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:18 vuln.today

Added to CISA KEV

Oct 29, 2025 - 14:45 cisa

CISA KEV

PoC Detected

Oct 29, 2025 - 14:45 vuln.today

Public exploit code

Patch released

Oct 29, 2025 - 14:45 nvd

Patch available

CVE Published

Mar 05, 2019 - 23:29 nvd

CRITICAL 9.8

DescriptionCVE.org

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

AnalysisAI

Microsoft SharePoint allows remote code execution through crafted application packages due to improper source markup validation, enabling server-side code execution on SharePoint farms without authentication.

Technical ContextAI

The CWE-20 input validation flaw allows attackers to craft application packages with malicious markup that bypasses SharePoint's validation. When the server processes the crafted package, it executes attacker-controlled code in the context of the SharePoint application pool.

Affected ProductsAI

Microsoft SharePoint (affected versions as specified by Microsoft)

RemediationAI

Apply Microsoft security update. Restrict network access to SharePoint. Implement WAF rules for SharePoint-specific attacks. Monitor SharePoint application pool accounts for anomalous activity.

CVE-2019-0604 vulnerability details – vuln.today

Back

Microsoft SharePoint CVE-2019-0604

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code