NVD

Id
37530  
Name
CVE-2013-1290  
Description
Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list, which allows remote authenticated users to bypass intended restrictions on reading list items via a direct request for a list"s location, aka "Incorrect Access Rights Information Disclosure Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2013-04-09  
Modified Date
2013-11-02  
Seq
2013-1290  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
191087 37530 CVE-2013-1290 oval:org.mitre.oval:def:15758  View
191088 37530 CVE-2013-1290 MS13-030  View
191089 37530 CVE-2013-1290 TA13-100A  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20608 JVNDB-2013-002183 Microsoft SharePoint Server 2013 におけるリスト項目の読み取り制限を回避される脆弱性 Microsoft SharePoint Server 2013 は、従来の個人用サイトを含む特定の構成において、SharePoint リストへのデフォルトのアクセス制御を適切に確立しないため、リスト項目の読み取りに関する制限を回避される脆弱性が存在します。 CVE-2013-1290 61232 CVE-2013-1290 37530 3.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002183.html 2013-04-09 2013-04-16 View