virus logo FortiClient Vulnerability

Microsoft Office CVE-2020-1025 Elevation of Privilege Vulnerability

description-logoDescription

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access. To exploit this vulnerability, an attacker would need to modify the token. The update addresses the vulnerability by modifying how Microsoft SharePoint Server and Skype for Business Server validate tokens.

affected-products-logoAffected Applications

Microsoft SharePoint Server 2019
Skype for Business Server 2015 CU 8
Microsoft Lync Server 2013
Microsoft SharePoint Enterprise Server 2016
Skype for Business Server 2019 CU2
Microsoft SharePoint Foundation 2013 Service Pack 1

CVE References

CVE-2020-1025

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1025
ID 64181
Created Jul 14, 2020
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft SharePoint Server 2019 , Skype for Business Server 2015 CU 8 , Microsoft Lync Server 2013 , Microsoft SharePoint Enterprise Server 2016 , Skype for Business Server 2019 CU2 , Microsoft SharePoint Foundation 2013 Service Pack 1