CVE-2019-0604
Microsoft SharePoint Remote Code Execution Vulnerability
⚠ KEVEPSS 94.4%
Description
Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of the SharePoint application pool and the SharePoint server farm account.
How to fix CVE-2019-0604
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2019-0604 being exploited?
Yes — CVE-2019-0604 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.