How severe is CVE-2023-24955?

CVE-2023-24955 has a CVSS v3 score of 7.2 (HIGH).

CVE-2023-24955

Name: sharepoint_server
Author: microsoft

7.2HIGH

Microsoft SharePoint Server Remote Code Execution Vulnerability

Опубликовано: 5/9/2023Обновлено: 10/28/2025

Известная эксплуатируемая уязвимость CISA

Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.

Требуемое действие:

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Срок:

2024-04-16

Известное использование вымогателей

Описание

Microsoft SharePoint Server Remote Code Execution Vulnerability

ИИ-АнализНа базе ИИ

Затронутые продукты

microsoftsharepoint_enterprise_server

2016

microsoftsharepoint_server

2019

Ссылки

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24955
PatchVendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24955
PatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-24955
US Government Resource