Test ID:	1.3.6.1.4.1.25623.1.0.811595
Category:	Windows : Microsoft Bulletins
Title:	Microsoft SharePoint Server Information Disclosure Vulnerability (2827663)
Summary:	This host is missing an important security; update according to Microsoft Bulletin MS13-030
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS13-030 Vulnerability Insight: The flaw is due to certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list. Vulnerability Impact: Successful exploitation will allow information disclosure if an attacker determined the address or location of a specific SharePoint list and gained access to the SharePoint site where the list is maintained. The attacker would need to be able to satisfy the SharePoint site's authentication requests to exploit this vulnerability. Affected Software/OS: Microsoft SharePoint Server 2013. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1290 Cert/CC Advisory: TA13-100A http://www.us-cert.gov/ncas/alerts/TA13-100A Microsoft Security Bulletin: MS13-030 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15758
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.