issued an out of band security advisory for an information disclosure
vulnerability in SharePoint Server.
The issue, CVE-2019-1491,
is has an “important” severity rating and affects SharePoint Enterprise Server
2016, SharePoint Foundation 2010 Pack 2, SharePoint Foundation 2013 Pack 1 and
SharePoint Server 2019.
the vulnerability could allow unauthorized file system access – reading from
the file system.
has not been publicly disclosed nor exploited in the wild, Microsoft stated.
There are no workarounds or mitigations at this time.