Vulnerability Details : CVE-2022-38053

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41036, CVE-2022-41037, CVE-2022-41038.

Vulnerability category: Execute code

Published 2022-10-11 19:15:20

Updated 2022-10-13 15:43:40

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2022-38053

Probability of exploitation activity in the next 30 days: 0.76%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	secure@microsoft.com
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38053

CVE-2022-38053 - Security Update Guide - Microsoft - Microsoft SharePoint Server Remote Code Execution Vulnerability
Patch;Vendor Advisory

Microsoft » Sharepoint Server » Version: 2019
cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*
Matching versions
Microsoft » Sharepoint Server » Version: N/A Subscription Edition
cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*
Matching versions
Microsoft » Sharepoint Foundation » Version: 2013 Update SP1
cpe:2.3:a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Sharepoint Enterprise Server » Version: 2016
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*
Matching versions
Microsoft » Sharepoint Enterprise Server » Version: 2013 Update SP1
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*
Matching versions