"CISA: Critical SharePoint Bug Actively Exploited"

The Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog now includes a critical Microsoft SharePoint Server bug that can be used as part of a remote code execution (RCE) exploit chain. The vulnerability, tracked as CVE-2023-29357, is an elevation-of-privilege flaw with a CVSS v3 score of 9.8. It enables attackers to gain administrator privileges on the SharePoint host by using spoofed JSON Web Tokens (JWTs). According to Microsoft, an attacker with spoofed JWT authentication tokens can carry out a network attack that circumvents authentication and grants access to the privileges of an authenticated user. This article continues to discuss the potential exploitation and impact of the critical SharePoint flaw.

SC Magazine reports "CISA: Critical SharePoint Bug Actively Exploited"

Submitted by grigby1

Submitted by Gregory Rigby on