Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft Office SharePoint

CVE-2023-38177: Microsoft SharePoint Server Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** In a network-based attack, an authenticated attacker could execute code remotely within the SharePoint Server.

Microsoft Security Response Center
Open in Source
#vulnerability#microsoft#rce#auth#Microsoft Office SharePoint#Security Vulnerability
CVE-2023-36764: Microsoft SharePoint Server Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

CVE-2023-36894: Microsoft SharePoint Server Information Disclosure Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36891: Microsoft SharePoint Server Spoofing Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36890: Microsoft SharePoint Server Information Disclosure Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36892: Microsoft SharePoint Server Spoofing Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36890: Microsoft SharePoint Server Information Disclosure Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36892: Microsoft SharePoint Server Spoofing Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36891: Microsoft SharePoint Server Spoofing Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

CVE-2023-36894: Microsoft SharePoint Server Information Disclosure Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.