CVE-2019-0604

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 5, 2019

Updated: Dec 13, 2019

CWE ID 20

Summary

CVE-2019-0604 is a remote code execution vulnerability affecting Microsoft SharePoint. The issue arises due to the software's failure to properly check the source markup of an application package. An attacker can exploit this vulnerability to execute arbitrary code on affected systems, making it distinct from CVE-2019-0594. Microsoft urges users to install the available patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft SharePoint Server
Microsoft SharePoint Foundation
Microsoft Sharepoint Enterprise Server

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ZFnwSi
https://www.cve.org/CVERecord?id=CVE-2019-0604
https://nvd.nist.gov/vuln/detail/CVE-2019-0604

Back to Vulnerability Database