Microsoft SharePoint 2013 App Permission Management access control
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Microsoft SharePoint 2013. It has been declared as critical. The impacted element is an unknown function of the component App Permission Management. Executing a manipulation can lead to access control. This vulnerability is registered as CVE-2014-2816. It is possible to launch the attack remotely. No exploit is available. Applying a patch is advised to resolve this issue.
Details
A vulnerability has been found in Microsoft SharePoint 2013 (Groupware Software) and classified as critical. This vulnerability affects some unknown processing of the component App Permission Management. The manipulation with an unknown input leads to a access control vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect confidentiality, integrity, and availability.
The weakness was published 08/12/2014 with Microsoft as MS14-050 as confirmed bulletin (Technet). The advisory is shared for download at technet.microsoft.com. This vulnerability was named CVE-2014-2816 since 04/10/2014. The attack can be initiated remotely. Required for exploitation is a single authentication. Successful exploitation requires user interaction by the victim. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1068.
The vulnerability scanner Nessus provides a plugin with the ID 77168 (MS14-050: Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows : Microsoft Bulletins. The commercial vulnerability scanner Qualys is able to test this issue with plugin 110240 (Microsoft SharePoint Server Elevation of Privilege Vulnerability (MS14-050)).
Applying the patch MS14-050 is able to eliminate this problem. The bugfix is ready for download at technet.microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (94995), Tenable (77168), SecurityFocus (BID 69099†), Secunia (SA60675†) and SecurityTracker (ID 1030720†). VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 77168
Nessus Name: MS14-050: Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 802074
OpenVAS Name: Microsoft SharePoint Server and Foundation Privilege Escalation Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: MS14-050
Timeline
04/10/2014 🔍08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/12/2014 🔍
08/13/2014 🔍
08/13/2014 🔍
12/17/2024 🔍
Sources
Vendor: microsoft.comAdvisory: MS14-050
Organization: Microsoft
Status: Confirmed
CVE: CVE-2014-2816 (🔍)
GCVE (CVE): GCVE-0-2014-2816
GCVE (VulDB): GCVE-100-67360
OVAL: 🔍
IAVM: 🔍
X-Force: 94995
SecurityFocus: 69099 - Microsoft SharePoint Server CVE-2014-2816 Remote Privilege Escalation Vulnerability
Secunia: 60675 - Microsoft SharePoint Server / Foundation 2013 App Permission Management Bypass Vulnerabili, Less Critical
SecurityTracker: 1030720 - Microsoft SharePoint Lets Remote Users Bypass App Permission Management to Execute Arbitrary Code
Vulnerability Center: 45811 - [MS14-050] Microsoft SharePoint Server Remote Privilege Escalation Related to Page Content, High
Entry
Created: 08/13/2014 12:26Updated: 12/17/2024 11:43
Changes: 08/13/2014 12:26 (77), 06/04/2017 10:44 (10), 02/10/2022 17:59 (3), 02/10/2022 18:06 (1), 12/17/2024 11:43 (16)
Complete: 🔍
Cache ID: 216:EBE:103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.