VDB
CVE-2020-0971
CVE-2020-0971
PUBLISHED
CVSS 6.5 MEDIUM
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974.
EPSS 22.50% · 96.0th percentile
Risk Scores
CVSS 2.0
6.5
EPSS Score
22.50%
96.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | sharepoint_foundation | 2010, 2013 |
| Microsoft | Microsoft SharePoint Server | 2019 |
| Microsoft | Microsoft SharePoint Enterprise Server | 2016 |
| microsoft | sharepoint_server | 2019 |
| Microsoft | Microsoft SharePoint Foundation | 2010 Service Pack 2, * |
| microsoft | sharepoint_enterprise_server | 2016 |
Exploit Intelligence
Timeline
- Apr 15, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 22, 2023 EPSS Score
- May 13, 2023 EPSS Score
References
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0971 url
- https://www.zerodayinitiative.com/advisories/ZDI-20-1398/ url
- https://nvd.nist.gov/vuln/detail/CVE-2020-0971 advisory
- https://www.zerodayinitiative.com/advisories/ZDI-20-1398 url