{"uuid": "146ef334-3db8-4fae-a112-a7c9690aa0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38094", "type": "seen", "source": "https://t.me/cibsecurity/80514", "content": "\ud83e\udd85 CISA Warns About New Microsoft SharePoint Vulnerability CVE-2024-38094: High Risks and Immediate Patching Needed \ud83e\udd85\n\n    Overview     The Cybersecurity and Infrastructure Security Agency CISA has issued a critical advisory regarding newly discovered vulnerabilities in Microsoft SharePoint, specifically addressing a deserialization vulnerability now included in CISAs Known Exploited Vulnerability KEV catalog.\u00a0   The vulnerability in question, identified as CVE202438094, has a CVSSv3.1 score of 7.2, which indicates a highseverity risk. It affects several SharePoint products, including Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Server 2019, and Microsoft SharePoint Enterprise Server 2016.   An authenticated attacker with Site Owner permissions could exploit this vulnerability to inject and execute arbitrary code within the SharePoint environment. The risk of such exploitation ...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-11-02T06:52:29.000000Z"}