High severity8.8NVD Advisory· Published Mar 14, 2018· Updated Jun 17, 2026

CVE-2018-0947

Description

Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0944.

Affected products

Microsoft/SharePoint Enterprise Server 2016llm-create
Range: = 2016
Microsoft/Sharepoint Foundationllm-fuzzy
Range: = 2013 SP1
Microsoft Corporation/Microsoft SharePointv5
Range: Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016

Patches

Vulnerability mechanics

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0947nvdPatchVendor Advisory
www.securityfocus.com/bid/103306nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1040513nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000