Vulnerability Details : CVE-2018-8578
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.
Vulnerability category: Information leak
Products affected by CVE-2018-8578
- cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-8578
2.53%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-8578
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST | |
|
4.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.8
|
1.4
|
NIST |
References for CVE-2018-8578
-
http://www.securityfocus.com/bid/105832
Microsoft SharePoint Server CVE-2018-8578 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8578
CVE-2018-8578 | Microsoft SharePoint Information Disclosure VulnerabilityPatch;Vendor Advisory
-
http://www.securitytracker.com/id/1042133
Microsoft SharePoint Flaw Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
Jump to