Joseph Lee

CISA warning: Serious Security Vulnerability in MS SharePoint

Blog, Community

Two security vulnerabilities in SharePoint – both from last year – are currently causing trouble for SharePoint administrators. Because attackers are increasingly exploiting a combination of the two vulnerabilities, the Cybersecurity and Infrastructure Security Agency (CISA) is now also issuing a warning. Affected customers of the Greenbone Enterprise Feed have been warned since June 2023.

Remote Privilege Execution

The two vulnerabilities CVE-2023-29357 and CVE-2023-24955 together allow attackers to remotely gain administrator rights in a company’s SharePoint server. Details of the attack were published back in September 2023 at the Pwn2Own conference in Vancouver 2023 and can be found on the Singapore Starlabs blog, for example.

Massive attacks have now led CISA to issue a warning about these vulnerabilities and to include CVE-2023-29357 in its catalog of known exploited vulnerabilities. However, Greenbone has had authenticated version checks for both CVEs since around June 2023 and an active check for CVE-2023-29357 since October 2023. Customers of the enterprise products have been receiving these CVEs as a threat for several months – in authenticated and unauthenticated scan mode.

Microsoft advises its customers on its website to update to the SharePoint Server 2019 version of June 13, 2023 (KB5002402), which fixes five critical vulnerabilities, including the first CVE mentioned by CISA. Furthermore, all administrators should install the antivirus software AMSI and activate Microsoft Defender on the SharePoint server. Otherwise, attackers could bypass authentication with fake authentication tokens and gain administrator rights.

Recognising and detecting vulnerabilities in the company at an early stage is important, as the many reports of damaging vulnerabilities show. Greenbone products can take on a lot of work here and ensure security – as a hardware or virtual appliance or as a cloud service. The Greenbone Enterprise Feed, which feeds all Greenbone security products, receives daily updates and therefore covers a high percentage of risks.

Published 2024-02-06 13:02:07; updated 2025-03-31 15:31:04