Business Productivity Servers
CVE-2021-27076
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (microsoft) · only source for this CVE.
CVSS VectorVendor: microsoft
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Microsoft SharePoint Server Remote Code Execution Vulnerability
AnalysisAI
Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
Microsoft SharePoint Server Remote Code Execution Vulnerability Affected products include: Microsoft Business Productivity Servers, Microsoft Sharepoint Foundation, Microsoft Sharepoint Server.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Mic
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affecte
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a speciall
Share
External POC / Exploit Code
Leaving vuln.today