MS.Sharepoint.Namespace.Handling.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Microsoft SharePoint Server.
The vulnerability is due to improper validation when handling a Web Part XML data. A remote attacker could exploit this vulnerability by sending a request with crafted Web Part XML data. Successful exploitation results in bypassing the security mechanisms to disclose sensitive information and ultimately execute arbitrary code in the context of service account.
Affected Products
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2013 Service Pack 1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31181
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |