CVE-2018-0914

CVE Database · CVE-2018-0914

CVE-2018-0914

· N/AModified

CVSS v3.1

N/A

EPSS

4.58%

Published

Mar 14, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.

Weaknesses (CWE)

CWE-79

Affected Products (2)

microsoft · project_servervulnerable

microsoft · sharepoint_enterprise_servervulnerable

References (6)

http://www.securityfocus.com/bid/103291

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1040513

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0914

PatchVendor Advisory

http://www.securityfocus.com/bid/103291

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1040513

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0914

KEV Catalog EPSS Scores Vendors All CVEs