On December 17, Microsoft officially released the CVE-2019-1491 vulnerability warning and patch.
Microsoft SharePoint is a set of corporate business collaboration platforms from Microsoft. The platform is used to integrate business information and enable shared work, collaborative work with others, organization of projects and workgroups, search for people and information. An information disclosure vulnerability exists in SharePoint Server. To exploit this vulnerability, an attacker would need to send a specially crafted request to a specific instance of SharePoint Server. An attacker who successfully exploited this vulnerability could read arbitrary files on the target server.
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Foundation 2010 Service Pack 2
- Microsoft SharePoint Foundation 2013 Service Pack 1
- Microsoft SharePoint Server 2019
At present, Microsoft has officially released an update patch to fix the vulnerability. We recommend that users confirm in time whether they are affected by the vulnerability and take patching measures as soon as possible.
The post CVE-2019-1491: Microsoft SharePoint Server Information Disclosure Vulnerability Alert appeared first on InfoTech News.