High severity8.8NVD Advisory· Published Jan 10, 2018· Updated Jun 17, 2026

CVE-2018-0790

Description

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0789.

Affected products

Microsoft/Sharepoint Serverllm-fuzzy
Range: =2013
Microsoft/Sharepoint Foundationllm-fuzzy
Range: =2010
Microsoft Corporation/Microsoft SharePointv5
Range: Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016

Patches

Vulnerability mechanics

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0790nvdPatchVendor Advisory
www.securityfocus.com/bid/102391nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1040150nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000