#VU54753 Improper validation of integrity check value in Microsoft SharePoint Server and Microsoft SharePoint Foundation - CVE-2021-34519

Cybersecurity Help s.r.o.

Published: 2021-07-13 | Updated: 2021-07-19

Vulnerability identifier: #VU54753

Vulnerability risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-34519

CWE-ID: CWE-354

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Microsoft SharePoint Server
Server applications / Application servers
Microsoft SharePoint Foundation
Server applications / Application servers

Vendor: Microsoft

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to missing integrity check on update downloads for SharePoint Help updates. A remote attacker can perform MitM attack and replace the files contents during update downloads.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Microsoft SharePoint Server: 2013 - 2016

Microsoft SharePoint Foundation: 2013

External links
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34519
https://www.zerodayinitiative.com/advisories/ZDI-21-830/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Microsoft SharePoint Server