Improper Input Validation
CVE-2017-11936
Summary
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
References
Advisory Timeline
- Published