Microsoft SharePoint Server Privilege Escalation Vulnerability - 20240111003
Overview
Microsoft have released a critical update for SharePoint Server. An attacker who successfully exploited this vulnerability could gain administrator privileges.
What is vulnerable?
Product(s) Affected | Summary | Severity | CVSS |
---|---|---|---|
Microsoft SharePoint Server 2019 versions before 16.0.10399.20005 | An attacker who has gained access to spoofed JWT authentication tokens can use them to execute a network attack which bypasses authentication and allows them to gain access to the privileges of an authenticated user. The attacker needs no privileges nor does the user need to perform any action. | Critical | 9.8 |
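
To find hosts still below the fixed build in the table above, the following added example (not part of the original advisory or any vendor tooling) triages an exported inventory. The CSV layout, host names and sample builds are constructed assumptions; only the product name and fixed build come from the table.

```python
import csv
import io

# Fixed build and product name taken from the advisory table above.
FIXED_BUILD = (16, 0, 10399, 20005)
AFFECTED_PRODUCT = "Microsoft SharePoint Server 2019"

# Constructed sample inventory (hypothetical host names and builds).
SAMPLE_INVENTORY = """host,product,build
sp-app-01,Microsoft SharePoint Server 2019,16.0.10398.20000
sp-app-02,Microsoft SharePoint Server 2019,16.0.10399.20005
sp-app-03,Microsoft SharePoint Server 2019,16.0.10399.9999
sp-wfe-01,Microsoft SharePoint Server 2019,16.0.10401.20000
sp-old-01,Microsoft SharePoint Server 2016,16.0.5426.1000
sp-app-04,Microsoft SharePoint Server 2019,unknown
"""


def parse_build(text):
    """Return a 4-tuple of ints, or None if the string is not a.b.c.d."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(product, build_text):
    """Classify one inventory row against the advisory's affected range."""
    if product.strip() != AFFECTED_PRODUCT:
        return "out-of-scope"  # not covered by this advisory
    build = parse_build(build_text)
    if build is None:
        return "unknown-build"  # needs manual follow-up; never assume patched
    # Tuple comparison is numeric per component; comparing the raw strings
    # would rank 16.0.10399.9999 above 16.0.10399.20005.
    return "vulnerable" if build < FIXED_BUILD else "patched"


def triage(inventory_csv):
    """Map each host in a host,product,build CSV to its classification."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["product"], row["build"]) for row in reader}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Rows reported as `unknown-build` should be checked by hand rather than treated as patched.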
What has been observed?
CISA has added the above CVEs to their Known Exploited Vulnerabilities Catalog.
Recommendation
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of 48 hours... (refer to Patch Management):
Additional References
- CISA Known Exploited Vulnerabilities Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog