CVE-2020-1439

Summary

A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft SharePoint Enterprise Server2013 Service Pack 1affected
MicrosoftMicrosoft SharePoint Enterprise Server2016affected
MicrosoftMicrosoft SharePoint Server2019affected
MicrosoftMicrosoft SharePoint Server2010 Service Pack 2affected
MicrosoftMicrosoft SharePoint Foundation2013 Service Pack 1affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References