High severity8.8NVD Advisory· Published Dec 12, 2017· Updated May 13, 2026

CVE-2017-11936

Description

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

Affected products

Microsoft/Sharepoint Enterprise Server
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*
Microsoft Corporation/Microsoft SharePointv5
Range: Microsoft SharePoint Enterprise Server 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11936nvdIssue TrackingPatchVendor Advisory
www.securityfocus.com/bid/102068nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039995nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000