virus logo Intrusion Prevention

MS.Sharepoint.Namespace.Handling.Insecure.Deserialization

description-logoDescription

This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Microsoft SharePoint Server.
The vulnerability is due to improper validation when handling a Web Part XML data. A remote attacker could exploit this vulnerability by sending a request with crafted Web Part XML data. Successful exploitation results in bypassing the security mechanisms to disclose sensitive information and ultimately execute arbitrary code in the context of service account.

affected-products-logoAffected Products

Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2013 Service Pack 1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31181

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-07-28 18.129 Sig Added
2021-05-19 18.082 Default_action:pass:drop
2021-05-11 18.076

References

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31181
ID 50259
Created May 11, 2021
Updated Aug 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2021-31181
Exploit Prediction Score 28.29%
Default Action drop
Active
Affected OS Windows
Affected App Other