What is CVE-2018-8518?

CVE-2018-8518 is a vulnerability in Microsoft Sharepoint. Published 2018-10-10.

Is CVE-2018-8518 known to be exploited?

18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Sharepoint

CVE-2018-8518

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." T…

EPSS: 0.010 (77.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Sharepoint — versions Enterprise Server 2013 Service Pack 1, Enterprise Server 2016

Public proof-of-concept exploits

ARPSyndicate/cvemon
ErdemOzgen/ActiveDirectoryAttacks
Nieuport/Active-Directory-Kill-Chain-Attack-Defense
R0B1NL1N/AD-Attack-Defense
Whiteh4tWolf/Attack-Defense
ZyberPatrol/Active-Directory
aymankhder/AD-attack-defense
bhataasim1/AD-Attack-Defence
geeksniper/active-directory-pentest
hackeremmen/Active-Directory-Kill-Chain-Attack-Defense-

References

105496 (vdb-entry, x_refsource_BID)
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518 (x_refsource_CONFIRM)
1041835 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-8518?: CVE-2018-8518 is a vulnerability in Microsoft Sharepoint. Published 2018-10-10.
Is CVE-2018-8518 known to be exploited?: 18 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.