CVE-2019-0604

Summary

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft SharePoint Server2010 Service Pack 2affected
MicrosoftMicrosoft SharePoint Server2019affected
MicrosoftMicrosoft SharePoint Foundation2013 Service Pack 1affected
MicrosoftMicrosoft SharePoint Enterprise Server2016affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References