Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-1025

UNKNOWN
Published 2020-07-14T22:53:56
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-1025. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

No description available

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Microsoft

Skype for Business Server 2019 CU2

Affected Versions:

7.0.0
Microsoft

Skype for Business Server 2015 CU 8

Affected Versions:

2015 CU 8
Microsoft

Microsoft Lync Server 2013

Affected Versions:

0
Microsoft

Microsoft SharePoint Enterprise Server 2016

Affected Versions:

16.0.0
Microsoft

Microsoft SharePoint Server 2019

Affected Versions:

16.0.0
Microsoft

Microsoft SharePoint Foundation 2013 Service Pack 1

Affected Versions:

15.0.0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-5xrx-pfvm-p5p8

Advisory Details

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation, aka 'Microsoft Office Elevation of Privilege Vulnerability'.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-1025
WEB https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1025

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: January 9, 2024

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1025
Published: 2020-07-14T22:53:56
Last Modified: 2024-08-04T06:24:59.514Z
Copied to clipboard!