Check: 2014-A-0125
windows 7 iavm:
2014-A-0125
(in version v1 r32)
Title
Microsoft Sharepoint Server Elevation of Privilege Vulnerability (Cat II impact)
Discussion
Microsoft has released a security bulletin addressing an elevation of privilege vulnerability in Microsoft SharePoint. To exploit these vulnerabilities, an attacker would create a specially crafted app designed to exploit this vulnerability, and then convince users to install the specially crafted app. If successfully exploited, the vulnerability could use the specially crafted app to execute arbitrary script in the security context of the logged-on user. The script could then take actions on the affected SharePoint site on behalf of the logged-on user with the same permissions as the logged-on user.
Check Content
Fix Text
Additional Identifiers
Rule ID:
Vulnerability ID: V-53799
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |