1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Microsoft SharePoint Server vulnerability could allow information disclosure

Report ID: MS201304003
Date Published: 10 April 2013

Criticality: Important
Compromise Type: information-disclosure
Compromise From: remote

Affected Product/Component:

Microsoft SharePoint Server 2013 (coreserverloc)


A vulnerability in Microsoft SharePoint Server could lead to information disclosure, where the attacker could be able to access sensitive documents.

Detailed Description

Microsoft has released a security update to address an information disclosure vulnerability that was reported found in the SharePoint Server. The vulnerability was caused by the way that SharePoint applies access controls to a list. If successfully exploited, an attacker could be able to access sensitive documents.

This issue has beed resolved by making a correction on the way that default access control are applied to the SharePoint list. Users are recommended to install the latest update as a protection measure against possible exploit attempts.

CVE Reference



Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-030)

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.