CVE-2023-29357
9.8CRITICALMicrosoft SharePoint Server Elevation of Privilege Vulnerability
Veröffentlicht: 6/14/2023Aktualisiert: 10/28/2025
CISA Bekannte Ausgenutzte Schwachstelle
Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.
Erforderliche Maßnahme:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fälligkeitsdatum:
2024-01-31
Bekannte Ransomware-Nutzung
Beschreibung
Microsoft SharePoint Server Elevation of Privilege Vulnerability
KI-AnalyseKI-gestützt
Betroffene Produkte
microsoftsharepoint_server
2019
Referenzen
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29357US Government Resource