Remote Code Execution Vulnerability Affects Microsoft SharePoint Server
CVE-2024-21318

8.8HIGH

Key Information:

Vendor

Microsoft
Status
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server Subscription Edition
Vendor
CVE Published:
9 January 2024

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2024-21318?

The remote code execution vulnerability in Microsoft SharePoint Server allows attackers to execute arbitrary code on affected instances. When successfully exploited, this vulnerability grants unauthorized access, leading to potential data breaches and system compromise. Organizations using SharePoint Server are advised to apply the necessary security updates to mitigate risks associated with this vulnerability. For detailed information, consult the official Microsoft security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Microsoft SharePoint Enterprise Server 2016 x64-based Systems 16.0.0 < 16.0.5430.1000

Microsoft SharePoint Server 2019 x64-based Systems 16.0.0 < 16.0.10406.20000

Microsoft SharePoint Server Subscription Edition x64-based Systems 16.0.0 < 16.0.10406.20000

News Articles

favicon imageSC Magazine

Microsoft fixes 48 bugs in January Patch Tuesday, none of them zero-days

Security pros noted that the first Patch Tuesday of 2024 was the second consecutive release by Microsoft with no zero-days.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ“ฐ

    First article discovered by SC Magazine

  • Vulnerability published

  • Vulnerability Reserved

JSON
.