CVE-2023-29357: Microsoft SharePoint Server Privilege Escalation

Microsoft SharePoint Server Privilege Escalation Vulnerability. Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.

• CISA KEV-listed (remediation due 2024-01-31)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions