CVE-2019-0604

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details

CVE-2019-0604

Confirmed

Yes

2021-11-03 00:00 UTC

Timestamps

2021-11-03

2021-11-03

Scope

KEV entry: Microsoft SharePoint Remote Code Execution Vulnerability | Affected: Microsoft / SharePoint | Description: Microsoft SharePoint fails to check the source markup of an application package. An attacker who successfully exploits the vulnerability could run remote code in the context of the SharePoint application pool and the SharePoint server farm account. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2019-0604

References
  • {'id': 'CVE-2019-0604', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-0604'}

b51e6b23-bed2-431a-8c72-3520ff3995cc

405284c2-e461-4670-8979-7fd2c9755a60

2026-02-02 13:26 UTC

2026-02-06 07:53 UTC

Evidence (1)
Type Source Signal Confidence Details GCVE Metadata
vendor_report cisa-kev successful_exploitation 0.80
View details 
{
  "cwes": [
    "CWE-20"
  ],
  "date_added": "2021-11-03",
  "due_date": "2022-05-03",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Known",
  "product": "SharePoint",
  "vendorProject": "Microsoft",
  "vulnerabilityName": "Microsoft SharePoint Remote Code Execution Vulnerability"
}
 -
Export Options
JSON Object JSON API View Full Catalog