Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2019-1202 - Vulnerability Database
SharePoint

SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2019-1202

Medium
Reference: CVE-2019-1202
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-1202
Title: SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

An information disclosure vulnerability exists in the way Microsoft SharePoint handles session objects. An authenticated attacker who successfully exploited the vulnerability could hijack the session of another user. To exploit this vulnerability the attacker could run a specially crafted application. The security update corrects how SharePoint handles session objects to prevent user session hijacking.