CISA既知の悪用された脆弱性
Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.
必要な対応:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
期限:
2024-01-31
既知のランサムウェア使用
説明
Microsoft SharePoint Server Elevation of Privilege Vulnerability
AI分析AIによる分析
影響を受ける製品
microsoftsharepoint_server
2019
参照
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29357US Government Resource