CVE-2023-29357
9.8CRITICALMicrosoft SharePoint Server Elevation of Privilege Vulnerability
게시됨: 6/14/2023업데이트됨: 10/28/2025
CISA 알려진 악용 취약점
Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.
필요한 조치:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
마감일:
2024-01-31
알려진 랜섬웨어 사용
설명
Microsoft SharePoint Server Elevation of Privilege Vulnerability
AI 분석AI 기반
영향받는 제품
microsoftsharepoint_server
2019
참조
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29357US Government Resource