CVE-2023-29357
9.8CRITICALMicrosoft SharePoint Server Elevation of Privilege Vulnerability
Опубликовано: 6/14/2023Обновлено: 10/28/2025
Известная эксплуатируемая уязвимость CISA
Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.
Требуемое действие:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Срок:
2024-01-31
Известное использование вымогателей
Описание
Microsoft SharePoint Server Elevation of Privilege Vulnerability
ИИ-АнализНа базе ИИ
Затронутые продукты
microsoftsharepoint_server
2019
Ссылки
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-29357US Government Resource