CVE-2023-29357 Report - Details, Severity, & Advisories

Twingate Team

Jun 6, 2024

What is CVE-2023-29357?

CVE-2023-29357 is a critical vulnerability affecting Microsoft SharePoint Server 2019, specifically on x64-based systems. This elevation of privilege vulnerability poses a significant risk to the security of affected systems. It is essential for organizations to address this issue to maintain the security of their systems and protect sensitive data.

Who is impacted by CVE-2023-29357?

Those impacted include federal executive branch departments and agencies that use SharePoint Server 2019 in their information systems. The affected versions range from 16.0.0 up to, but not including, 16.0.10399.20005.

What to do if CVE-2023-29357 affected you

If you're affected by the CVE-2023-29357 vulnerability, it's crucial to take action to secure your systems. Follow these simple steps to mitigate the risk:

  1. Update your Microsoft SharePoint Server 2019 to the latest version, specifically 16.0.10399.20005 or later.

  2. Review and update your internal vulnerability management procedures as per CISA's Binding Operational Directive 22-01.

  3. Monitor the Known Exploited Vulnerabilities Catalog for updates and further guidance.

  4. Apply any additional mitigations provided by the vendor, if available.

By following these steps, you can help protect your organization from the potential consequences of this critical vulnerability.
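As an added example (not from the original article or from Microsoft or CISA), the sketch below triages a SharePoint Server 2019 inventory against the build range and KEV due date quoted on this page. The hostnames, build strings and the trimmed KEV-style record are constructed for illustration; only the build boundary and the two dates come from the text above.

```python
import json
from datetime import date

FIXED_BUILD = (16, 0, 10399, 20005)  # first fixed build, per the text above
RANGE_START = (16, 0, 0)             # start of the affected range, per the text

# Constructed KEV-style record; the two dates are the ones quoted on this page.
KEV_ENTRY = json.loads("""{
  "cveID": "CVE-2023-29357",
  "dateAdded": "2024-01-10",
  "dueDate": "2024-01-31"
}""")

# Constructed inventory: hostnames and build strings are made up for the example.
INVENTORY = {
    "sp-app-01": "16.0.10398.20000",
    "sp-app-02": "16.0.10399.20005",
    "sp-wfe-01": "16.0.10337.12109",
    "sp-old-01": "15.0.5545.1000",
    "sp-wfe-02": "unknown",
}

def parse_build(text):
    # Return the build as a tuple of ints, or None if it is not dotted-numeric.
    parts = text.strip().split(".")
    if not (2 <= len(parts) <= 4) or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(build_text):
    build = parse_build(build_text)
    if build is None:
        return "unknown"       # no usable build string: verify by hand
    if build < RANGE_START:
        return "out-of-range"  # outside the range this page describes
    return "affected" if build < FIXED_BUILD else "fixed"

def triage(inventory, kev, today):
    # Map host -> (status, overdue); unknown hosts count against the due date.
    due = date.fromisoformat(kev["dueDate"])
    report = {}
    for host, build in sorted(inventory.items()):
        status = classify(build)
        overdue = status in ("affected", "unknown") and today > due
        report[host] = (status, overdue)
    return report

if __name__ == "__main__":
    for host, (status, overdue) in triage(INVENTORY, KEV_ENTRY, date.today()).items():
        print(f"{host:10} {status:13} {'PAST KEV DUE DATE' if overdue else ''}")
```

Hosts whose build cannot be parsed are reported as `unknown` and still counted against the due date, so a missing inventory value is not silently treated as patched.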

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-29357 vulnerability, also known as Microsoft SharePoint Server Privilege Escalation Vulnerability, is indeed listed in CISA's Known Exploited Vulnerabilities Catalog. It was added to the catalog on January 10, 2024, with a due date for remediation set for January 31, 2024. The required action is to apply mitigations as per vendor instructions or discontinue the use of the product if mitigations are unavailable.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-303, which refers to an incorrect implementation of an authentication algorithm in Microsoft SharePoint Server.

Learn More

For more information about the CVE-2023-29357 vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or the links below.
