THREATOPS
THREAT OPSCVEs › CVE-2023-29357

CVE-2023-29357 — Microsoft SharePoint Server Privilege Escalation Vulnerability

CISA KEVExploited: confirmedMicrosoft

Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.

Vulnerability details