Patch/Configuration Management, Vulnerability Management

Microsoft issues an advisory for a SharePoint vulnerability

Microsoft issued an out of band security advisory for an information disclosure vulnerability in SharePoint Server.

The issue, CVE-2019-1491, is has an “important” severity rating and affects SharePoint Enterprise Server 2016, SharePoint Foundation 2010 Pack 2, SharePoint Foundation 2013 Pack 1 and SharePoint Server 2019.

If exploited the vulnerability could allow unauthorized file system access - reading from the file system.

The vulnerability has not been publicly disclosed nor exploited in the wild, Microsoft stated. There are no workarounds or mitigations at this time.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.