Vulnerability Details CVE-2023-29357
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Exploit prediction scoring system (EPSS) score
EPSS Score 0.944
EPSS Ranking 100.0%
CVSS Severity
CVSS v3 Score 9.8
Proposed Action
Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.
Ransomware Campaign
Known
References
Products affected by CVE-2023-29357
-
cpe:2.3:a:microsoft:sharepoint_server:2019