CVE Vulnerabilities

CVE-2013-1290

Published: Apr 09, 2013 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list, which allows remote authenticated users to bypass intended restrictions on reading list items via a direct request for a list’s location, aka Incorrect Access Rights Information Disclosure Vulnerability.

Affected Software

Name Vendor Start Version End Version
Sharepoint_server Microsoft 2013 2013

References