Spoofing and Remote Code Execution chain vulnerability

Scope: Microsoft share point servers

Severity: Critical

This advisory is to reflect newly released information from Microsoft, and to correct the actively exploited Common Vulnerabilities and Exposures (CVEs), which have been confirmed as a network spoofing vulnerability, and a remote code execution (RCE) vulnerability chain. The chain, publicly reported as “ToolShell,” provides unauthenticated access to systems and authenticated access through network spoofing, respectively, and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.

Affected Versions:

Microsoft SharePoint Server Subscription Edition
Microsoft SharePoint Server 2019
Microsoft SharePoint Server 2016

The Uganda National CERT and Coordination Center (CERT.UG/CC) recommends that all user and administrators follow the mitigations provided on the MICROSOFT page and upgrade to patched versions.

Connection Hijacking Vulnerability- Huawei

Recent Advisories

Categories

Contact info

Useful Links

Subscribe to our Mailing List

Spoofing and Remote Code Execution chain vulnerability

RELATED ADVISORIES

Connection Hijacking Vulnerability- Huawei

Recent Advisories

Categories