A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439 | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-20-874/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2020-07-14T22:54:44
Updated: 2020-07-16T17:06:16
Reserved: 2019-11-04T00:00:00
Link: CVE-2020-1439
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-14T23:15:19.387
Modified: 2020-07-23T20:15:16.613
Link: CVE-2020-1439
JSON object: View
Redhat Information
No data.
CWE