VDB
CVE-2023-24954
CVE-2023-24954
PUBLISHED
Es existiert eine Schwachstelle in Microsoft SharePoint und Microsoft SharePoint Server 2019. Microsoft veröffentlicht keine weiteren Details zur Schwachstelle. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.
EPSS 2.64% · 86.0th percentile
Risk Scores
EPSS Score
2.64%
86.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft SharePoint Server Subscription Edition | |
| Microsoft | Microsoft SharePoint Enterprise Server 2016 | |
| Microsoft | Microsoft SharePoint Server 2019 |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- CIRCL exploited: CVE-2023-24955 (circl-sighting)
- CIRCL exploited: CVE-2023-24955 (circl-sighting)
- CIRCL exploited: CVE-2023-24955 (circl-sighting)
- CIRCL seen: CVE-2023-24955 (circl-sighting)
- CIRCL seen: CVE-2023-24955 (circl-sighting)
- CIRCL seen: CVE-2023-24955 (circl-sighting)
- CIRCL seen: CVE-2023-24955 (circl-sighting)
- CIRCL exploited: CVE-2023-24955 (circl-sighting)
- CIRCL exploited: CVE-2023-24955 (circl-sighting)
…and 19 more exploits
Timeline
- May 9, 2023 CVE Published
- May 10, 2023 EPSS Score
- May 10, 2023 PoC Published
- Jun 16, 2023 EPSS Score
- Aug 28, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 29, 2023 PoC Published
- Jan 22, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Mar 26, 2024 PoC Published
- Mar 26, 2024 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1179.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1179 advisory
- https://msrc.microsoft.com/update-guide advisory
- https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html exploit