cnvd - cnvd-2020-45186

cnvd-2020-45186

Vulnerability from cnvd

Title: Microsoft PerformancePoint Services远程代码执行漏洞

Description:

Microsoft SharePoint是美国微软（Microsoft）公司的一套企业业务协作平台。该平台用于对业务信息进行整合，并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。

Microsoft PerformancePoint Services中存在远程代码执行漏洞，该漏洞源于程序无法检查输入XML文件的源标记。攻击者可借助特制的文档利用该漏洞在负责反序列化XML内容的进程上下文中执行任意代码。

Severity: 中

Patch Name: Microsoft PerformancePoint Services远程代码执行漏洞的补丁

Patch Description:

Microsoft PerformancePoint Services中存在远程代码执行漏洞，该漏洞源于程序无法检查输入XML文件的源标记。攻击者可借助特制的文档利用该漏洞在负责反序列化XML内容的进程上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1439

Reference: https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1439

Impacted products

Name
['Microsoft SharePoint Server 2010 SP2', 'Microsoft SharePoint Foundation 2013 SP1', 'Microsoft SharePoint Enterprise Server 2013 SP1', 'Microsoft SharePoint Enterprise Server 2016', 'Microsoft SharePoint Server 2019']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-1439",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-1439"
    }
  },
  "description": "Microsoft SharePoint\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f01\u4e1a\u4e1a\u52a1\u534f\u4f5c\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u7528\u4e8e\u5bf9\u4e1a\u52a1\u4fe1\u606f\u8fdb\u884c\u6574\u5408\uff0c\u5e76\u80fd\u591f\u5171\u4eab\u5de5\u4f5c\u3001\u4e0e\u4ed6\u4eba\u534f\u540c\u5de5\u4f5c\u3001\u7ec4\u7ec7\u9879\u76ee\u548c\u5de5\u4f5c\u7ec4\u3001\u641c\u7d22\u4eba\u5458\u548c\u4fe1\u606f\u3002\n\nMicrosoft PerformancePoint Services\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u65e0\u6cd5\u68c0\u67e5\u8f93\u5165XML\u6587\u4ef6\u7684\u6e90\u6807\u8bb0\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u6863\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u8d1f\u8d23\u53cd\u5e8f\u5217\u5316XML\u5185\u5bb9\u7684\u8fdb\u7a0b\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1439",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-45186",
  "openTime": "2020-08-10",
  "patchDescription": "Microsoft SharePoint\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f01\u4e1a\u4e1a\u52a1\u534f\u4f5c\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u7528\u4e8e\u5bf9\u4e1a\u52a1\u4fe1\u606f\u8fdb\u884c\u6574\u5408\uff0c\u5e76\u80fd\u591f\u5171\u4eab\u5de5\u4f5c\u3001\u4e0e\u4ed6\u4eba\u534f\u540c\u5de5\u4f5c\u3001\u7ec4\u7ec7\u9879\u76ee\u548c\u5de5\u4f5c\u7ec4\u3001\u641c\u7d22\u4eba\u5458\u548c\u4fe1\u606f\u3002\r\n\r\nMicrosoft PerformancePoint Services\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u65e0\u6cd5\u68c0\u67e5\u8f93\u5165XML\u6587\u4ef6\u7684\u6e90\u6807\u8bb0\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u6863\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u8d1f\u8d23\u53cd\u5e8f\u5217\u5316XML\u5185\u5bb9\u7684\u8fdb\u7a0b\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft PerformancePoint Services\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft SharePoint Server 2010 SP2",
      "Microsoft SharePoint Foundation 2013 SP1",
      "Microsoft SharePoint Enterprise Server 2013 SP1",
      "Microsoft SharePoint Enterprise Server 2016",
      "Microsoft SharePoint Server 2019"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1439",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-30",
  "title": "Microsoft PerformancePoint Services\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2020-1439 (GCVE-0-2020-1439)

Vulnerability from cvelistv5

Published

2020-07-14 22:54

Modified

2024-08-04 06:39

Severity ?

CWE

Remote Code Execution

Summary

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

References

▼	URL	Tags
	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-20-874/	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Microsoft

Microsoft SharePoint Enterprise Server

Version: 2013 Service Pack 1
Version: 2016

	Microsoft	Microsoft SharePoint Server	Version: 2019 Version: 2010 Service Pack 2
	Microsoft	Microsoft SharePoint Foundation	Version: 2013 Service Pack 1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:39:10.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-874/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft SharePoint Enterprise Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2013 Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2016"
            }
          ]
        },
        {
          "product": "Microsoft SharePoint Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2019"
            },
            {
              "status": "affected",
              "version": "2010 Service Pack 2"
            }
          ]
        },
        {
          "product": "Microsoft SharePoint Foundation",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2013 Service Pack 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka \u0027PerformancePoint Services Remote Code Execution Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-16T17:06:16",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-874/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2020-1439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Microsoft SharePoint Enterprise Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2013 Service Pack 1"
                          },
                          {
                            "version_value": "2016"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft SharePoint Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019"
                          },
                          {
                            "version_value": "2010 Service Pack 2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Microsoft SharePoint Foundation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2013 Service Pack 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka \u0027PerformancePoint Services Remote Code Execution Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-874/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-874/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-1439",
    "datePublished": "2020-07-14T22:54:44",
    "dateReserved": "2019-11-04T00:00:00",
    "dateUpdated": "2024-08-04T06:39:10.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted