Share this Tech Tip!

CVE-2019-1491 | Microsoft SharePoint Server Information Disclosure Vulnerability

The Microsoft Security Response Team has identified an Important security vulnerability. This vulnerability potentially allows an attacker to send a specifically crafted request to a susceptible SharePoint system which would allow the attacker to read from the filesystem. Since this vulnerability has not been exploited, the specifics of the vulnerability have not been publicly disclosed. This vulnerability impacts SharePoint 2019, 2016, 2013 and 2010. It can be remediated with a Microsoft Security update. For further information, refer to the following:





Microsoft SharePoint Enterprise Server 2016


Security Update

Microsoft SharePoint Foundation 2010 Service Pack 2


Security Update

Microsoft SharePoint Foundation 2013 Service Pack 1


Security Update

Microsoft SharePoint Server 2019


Security Update


For assistance remediating this issue, please contact ZAACT HERE.


Author: Jason Thornbrugh, Cloud Architect
Jason is an IT Infrastructure Specialist who has been working in IT system design, security and infrastructure roles for 20+ years. He holds multiple industry certifications in virtual infrastructure and private cloud. Jason has developed massively scalable infrastructure supporting sales, marketing and engineering workloads for a Fortune 20 company. He has a passion for developing systems at scale that satisfy a diverse set of customer requirements while providing scalability, availability, security and performance.