Intrusion PreventionMS.SharePoint.Server.CVE-2023-29357.Privilege.Escalation
Description
This indicates an attack attempt to exploit an Elevation Of Privilege Vulnerability in Microsoft Sharepoint Server.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. A remote attacker may be able to exploit this to gain administrative privileges.
Outbreak Alert
CVE-2023-29357 is an authentication bypass vulnerability, which means that adversaries may use it to escalate privileges on affected installations of Microsoft SharePoint Server. If the user is a privileged account, such as an administrator, the attacker will gain elevated privileges.
Affected Products
Microsoft SharePoint Server 2019
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-02-08 | 26.730 | Sig Added |
| 2024-01-17 | 26.716 | Sig Added |
| 2023-09-13 | 25.637 | Sig Added |
| 2023-07-04 | 24.593 | Default_action:pass:drop |
| 2023-06-29 | 24.592 | Sig Added |
| 2023-06-28 | 24.591 | Name:Microsoft. SharePoint. Server. CVE-2023-29357. Privilege. Escalation:MS. SharePoint. Server. CVE-2023-29357. Privilege. Escalation |
| 2023-06-20 | 24.585 | Sig Added |
| 2023-06-13 | 24.576 |
| ID | 53295 |
| Created | Jun 13, 2023 |
| Updated | Feb 08, 2024 |
| Outbreak Alert | Microsoft SharePoint EoP |
| Risk |
|
| CVE ID | CVE-2023-29357 |
| Known Exploited | Yes |
| Exploit Prediction Score | 42.91% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |