Skip to main content

Microsoft SharePoint CVE-2019-0604

The ACSC is aware of malicious cyber actors successfully exploiting a Microsoft SharePoint vulnerability in order to implant web shells on compromised hosts.

Alert status

This vulnerability (CVE-2019-0604) was originally identified in a security advisory published by Microsoft on 12 February 2019. This security advisory was subsequently updated on 25 April 2019 with a new software patch. This ACSC advisory provides recommendations for securing Microsoft SharePoint and advice on identifying potential successful exploitation of this vulnerability.

Further details on this vulnerability are available from Microsoft.

Was this information helpful?
Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it