Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-38094

7.2HIGH

Key Information:

Vendor
Microsoft
Status
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Server 2019
Microsoft Sharepoint Server Subscription Edition
Vendor
CVE Published:
9 July 2024

Badges

👾 Exploit Exists🦅 CISA Reported📰 News Worthy

Summary

A vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary code on affected installations. This flaw could enable malicious actors to manipulate SharePoint environments, leading to unauthorized access and potential exposure of sensitive information. Organizations using SharePoint should apply necessary patches and updates to mitigate risks associated with this vulnerability, ensuring the security of their data and services.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Microsoft SharePoint Enterprise Server 2016 x64-based Systems 16.0.0 < 16.0.5456.1000

Microsoft SharePoint Server 2019 x64-based Systems 16.0.0 < 16.0.10412.20001

Microsoft SharePoint Server Subscription Edition x64-based Systems 16.0.0 < 16.0.17328.20424

News Articles

favicon imageCSO Online

A new SharePoint vulnerability is already being exploited

Microsoft SharePoint makes it simpler for enterprises to help employees discover documents on their internal network — but a recently exploited vulnerability is making easier for attackers to get inside the corporate network too.

3 months ago

favicon imageBleepingComputer

Microsoft SharePoint RCE bug exploited to breach corporate network

A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks.

3 months ago

favicon imageTheCyberThrone

Microsoft Sharepoint Server CVE-2024-38094 Exploited

Threat actors have exploited a vulnerability in Microsoft SharePoint Server, identified as CVE-2024-38094, allowing them to gain complete domain access and compromise critical systems. The Rapid7 incident response team has detailed how this sophisticated attack combines various techniques to achieve...

3 months ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by SecurityWeek

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • Vulnerability published

.