Vulnerability-Lookup

CVE-2024-38094 (GCVE-0-2024-38094)

Vulnerability from cvelistv5 – Published: 2024-07-09 17:03 – Updated: 2026-02-10 23:35

CISA KEV KEVintel KEV

Title

Microsoft SharePoint Remote Code Execution Vulnerability

Summary

Microsoft SharePoint Remote Code Execution Vulnerability

Severity

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: active Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-502 - Deserialization of Untrusted Data

Assigner

microsoft

References

2 references

URL	Tags
https://msrc.microsoft.com/update-guide/vulnerabi…	vendor-advisorypatch
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Impacted products

3 products

Vendor	Product	Version
Microsoft	Microsoft SharePoint Enterprise Server 2016	Affected: 16.0.0 , < 16.0.5456.1000 (custom)
Microsoft	Microsoft SharePoint Server 2019	Affected: 16.0.0 , < 16.0.10412.20001 (custom)
Microsoft	Microsoft SharePoint Server Subscription Edition	Affected: 16.0.0 , < 16.0.17328.20424 (custom)

Date Public

2024-07-09 07:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 3139d8e4-880d-4a4a-b19b-0015c5d7db01

Vulnerability ID: CVE-2024-38094

Status: Confirmed

Status Updated: 2024-10-22 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2024-10-22

Asserted: 2024-10-22

Scope

Notes: KEV entry: Microsoft SharePoint Deserialization Vulnerability | Affected: Microsoft / SharePoint | Description: Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-11-12 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-502
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	SharePoint
Due Date	2024-11-12
Date Added	2024-10-22
Vendorproject	Microsoft
Vulnerabilityname	Microsoft SharePoint Deserialization Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2024-38094

Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: ef3eea21-c77f-4929-86db-148482e200a7

Vulnerability ID: CVE-2024-38094

Status: Confirmed

Status Updated: 2024-10-22 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2024-10-22

Asserted: 2024-10-22

Scope

Notes: KEVIntel entry: Microsoft SharePoint Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition | CVSS: 7.2 (HIGH) | Used in malware: yes | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Confirmed Compromise

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	Microsoft SharePoint Remote Code Execution Vulnerability
Vendor	Microsoft
Product	Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition
Added Date	2024-10-22T00:00:00.000Z
Cvss Score	7.2
Epss Score	None
Cvss Severity	HIGH
Epss Percentile	None
Used In Malware	yes
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:46 UTC | Updated: 2026-06-19 12:46 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38094",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-22T15:04:15.775049Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-10-22",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:49.839Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-10-22T00:00:00.000Z",
            "value": "CVE-2024-38094 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:04:25.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Microsoft SharePoint Remote Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Enterprise Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5456.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10412.20001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Server Subscription Edition",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.17328.20424",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:enterprise:*:*:*",
                  "versionEndExcluding": "16.0.5456.1000",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "16.0.10412.20001",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*",
                  "versionEndExcluding": "16.0.17328.20424",
                  "versionStartIncluding": "16.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2024-07-09T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft SharePoint Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502: Deserialization of Untrusted Data",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T23:35:15.256Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft SharePoint Remote Code Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
        }
      ],
      "title": "Microsoft SharePoint Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2024-38094",
    "datePublished": "2024-07-09T17:03:24.222Z",
    "dateReserved": "2024-06-11T22:36:08.183Z",
    "dateUpdated": "2026-02-10T23:35:15.256Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2024-38094",
      "cwes": "[\"CWE-502\"]",
      "dateAdded": "2024-10-22",
      "dueDate": "2024-11-12",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094 ; https://nvd.nist.gov/vuln/detail/CVE-2024-38094",
      "product": "SharePoint",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft SharePoint Deserialization Vulnerability"
    },
    "epss": {
      "cve": "CVE-2024-38094",
      "date": "2026-06-19",
      "epss": "0.55328",
      "percentile": "0.98904"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-11-12",
      "cisaExploitAdd": "2024-10-22",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Microsoft SharePoint Deserialization Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*\", \"matchCriteriaId\": \"AC8BB33F-44C4-41FE-8B17-68E3C4B38142\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"F815EF1D-7B60-47BE-9AC2-2548F99F10E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6122D014-5BF1-4AF4-8B4D-80205ED7785E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft SharePoint Remote Code Execution Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de ejecuci\\u00f3n remota de c\\u00f3digo de Microsoft SharePoint\"}]",
      "id": "CVE-2024-38094",
      "lastModified": "2024-11-21T09:24:53.710",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}]}",
      "published": "2024-07-09T17:15:46.090",
      "references": "[{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Undergoing Analysis",
      "weaknesses": "[{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38094\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2024-07-09T17:15:46.090\",\"lastModified\":\"2025-10-28T14:23:29.950\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft SharePoint Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Microsoft SharePoint\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2024-10-22\",\"cisaActionDue\":\"2024-11-12\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft SharePoint Deserialization Vulnerability\",\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*\",\"matchCriteriaId\":\"AC8BB33F-44C4-41FE-8B17-68E3C4B38142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"F815EF1D-7B60-47BE-9AC2-2548F99F10E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6122D014-5BF1-4AF4-8B4D-80205ED7785E\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\", \"name\": \"Microsoft SharePoint Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T04:04:25.155Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38094\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-22T15:04:15.775049Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-10-22\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-10-22T00:00:00+00:00\", \"value\": \"CVE-2024-38094 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-09T18:00:23.140Z\"}}], \"cna\": {\"title\": \"Microsoft SharePoint Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft SharePoint Enterprise Server 2016\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0\", \"lessThan\": \"16.0.5456.1000\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft SharePoint Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0\", \"lessThan\": \"16.0.10412.20001\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft SharePoint Server Subscription Edition\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0\", \"lessThan\": \"16.0.17328.20424\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2024-07-09T07:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094\", \"name\": \"Microsoft SharePoint Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft SharePoint Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502: Deserialization of Untrusted Data\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:enterprise:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.5456.1000\", \"versionStartIncluding\": \"16.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.10412.20001\", \"versionStartIncluding\": \"16.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.17328.20424\", \"versionStartIncluding\": \"16.0.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-02-10T23:35:15.256Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-38094\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-10T23:35:15.256Z\", \"dateReserved\": \"2024-06-11T22:36:08.183Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2024-07-09T17:03:24.222Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2024-AVI-0560

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.17328.20424
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.6 antérieures à 17.6.17
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (GDR) versions antérieures à 16.0.1121.4
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.4 antérieures à 17.4.21
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.10 antérieures à 17.10.4
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (CU 27) versions antérieures à 15.0.4382.1
Microsoft	N/A	Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5456.1000
Microsoft	N/A	Microsoft Defender pour IoT versions antérieures à 24.1.4
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (CU 13) versions antérieures à 16.0.4131.2
Microsoft	N/A	Microsoft OLE DB Driver 19 pour SQL Server versions antérieures à 19.3.0005.0
Microsoft	N/A	Microsoft SharePoint Server 2019 versions antérieures à 16.0.10412.20001
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (GDR) versions antérieures à 14.0.2056.2
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.1 antérieures à 9.1.28.09
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (CU 31) versions antérieures à 14.0.3471.2
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (GDR) versions antérieures à 15.0.2116.2
Microsoft	N/A	Microsoft OLE DB Driver 18 pour SQL Server versions antérieures à 18.7.0004.0
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.8 antérieures à 17.8.12
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 (GDR) versions antérieures à 13.0.6441.1
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 Azure Connect Feature Pack versions antérieures à 13.0.7037.1

References

Title

Publication Time

CERTFR-2024-AVI-0560

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.17328.20424
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.6 antérieures à 17.6.17
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (GDR) versions antérieures à 16.0.1121.4
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.4 antérieures à 17.4.21
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.10 antérieures à 17.10.4
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (CU 27) versions antérieures à 15.0.4382.1
Microsoft	N/A	Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5456.1000
Microsoft	N/A	Microsoft Defender pour IoT versions antérieures à 24.1.4
Microsoft	N/A	Microsoft SQL Server 2022 pour systèmes x64 (CU 13) versions antérieures à 16.0.4131.2
Microsoft	N/A	Microsoft OLE DB Driver 19 pour SQL Server versions antérieures à 19.3.0005.0
Microsoft	N/A	Microsoft SharePoint Server 2019 versions antérieures à 16.0.10412.20001
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (GDR) versions antérieures à 14.0.2056.2
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.1 antérieures à 9.1.28.09
Microsoft	N/A	Microsoft SQL Server 2017 pour systèmes x64 (CU 31) versions antérieures à 14.0.3471.2
Microsoft	N/A	Microsoft SQL Server 2019 pour systèmes x64 (GDR) versions antérieures à 15.0.2116.2
Microsoft	N/A	Microsoft OLE DB Driver 18 pour SQL Server versions antérieures à 18.7.0004.0
Microsoft	N/A	Microsoft Visual Studio 2022 version 17.8 antérieures à 17.8.12
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 (GDR) versions antérieures à 13.0.6441.1
Microsoft	N/A	Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 Azure Connect Feature Pack versions antérieures à 13.0.7037.1

References

Title

Publication Time

BDU:2024-05281

Vulnerability from fstec - Published: 09.07.2024

Title

Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition и Microsoft SharePoint Enterprise Server, связанная с недостатками механизма десериализации, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость пакетов программ Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition и Microsoft SharePoint Enterprise Server связана с недостатками механизма десериализации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код

Severity


                    
                      AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Vendor

Microsoft Corp

Software Name

Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition

Software Version

- (Microsoft SharePoint Enterprise Server 2016), - (Microsoft SharePoint Server 2019), - (Microsoft SharePoint Server Subscription Edition)

Possible Mitigations

Использование рекомендаций: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38094 Компенсирующие меры: - использование средств межсетевого экранирования для ограничения удаленного доступа; - минимизация пользовательских привилегий; - отключение/удаление неиспользуемых учётных записей пользователей.

Reference

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38094 https://packetstormsecurity.com/files/cve/CVE-2024-38094 https://vuldb.com/?id.270880 https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-502

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (Microsoft SharePoint Enterprise Server 2016), - (Microsoft SharePoint Server 2019), - (Microsoft SharePoint Server Subscription Edition)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38094\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.07.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "29.10.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.07.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-05281",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-38094",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition \u0438 Microsoft SharePoint Enterprise Server, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-502)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition \u0438 Microsoft SharePoint Enterprise Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-38094\nhttps://packetstormsecurity.com/files/cve/CVE-2024-38094\nhttps://vuldb.com/?id.270880\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-502",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,3)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)"
}

CNVD-2024-33175

Vulnerability from cnvd - Published: 2024-07-18

Title

Microsoft SharePoint存在未明漏洞（CNVD-2024-33175）

Description

Microsoft SharePoint是美国微软（Microsoft）公司的一套企业业务协作平台。该平台用于对业务信息进行整合，并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。 Microsoft SharePoint存在安全漏洞。攻击者可利用该漏洞远程执行代码。

Severity

高

Patch Name

Microsoft SharePoint存在未明漏洞（CNVD-2024-33175）的补丁

Patch Description

Microsoft SharePoint是美国微软（Microsoft）公司的一套企业业务协作平台。该平台用于对业务信息进行整合，并能够共享工作、与他人协同工作、组织项目和工作组、搜索人员和信息。 Microsoft SharePoint存在安全漏洞。攻击者可利用该漏洞远程执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094

Reference

https://cxsecurity.com/cveshow/CVE-2024-38094/

Impacted products

Name
['Microsoft Microsoft SharePoint Server 2019', 'Microsoft Microsoft SharePoint Enterprise Server 2016', 'Microsoft Microsoft SharePoint Server Subscription Edition']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-38094",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-38094"
    }
  },
  "description": "Microsoft SharePoint\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f01\u4e1a\u4e1a\u52a1\u534f\u4f5c\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u7528\u4e8e\u5bf9\u4e1a\u52a1\u4fe1\u606f\u8fdb\u884c\u6574\u5408\uff0c\u5e76\u80fd\u591f\u5171\u4eab\u5de5\u4f5c\u3001\u4e0e\u4ed6\u4eba\u534f\u540c\u5de5\u4f5c\u3001\u7ec4\u7ec7\u9879\u76ee\u548c\u5de5\u4f5c\u7ec4\u3001\u641c\u7d22\u4eba\u5458\u548c\u4fe1\u606f\u3002\n\nMicrosoft SharePoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-33175",
  "openTime": "2024-07-18",
  "patchDescription": "Microsoft SharePoint\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f01\u4e1a\u4e1a\u52a1\u534f\u4f5c\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u7528\u4e8e\u5bf9\u4e1a\u52a1\u4fe1\u606f\u8fdb\u884c\u6574\u5408\uff0c\u5e76\u80fd\u591f\u5171\u4eab\u5de5\u4f5c\u3001\u4e0e\u4ed6\u4eba\u534f\u540c\u5de5\u4f5c\u3001\u7ec4\u7ec7\u9879\u76ee\u548c\u5de5\u4f5c\u7ec4\u3001\u641c\u7d22\u4eba\u5458\u548c\u4fe1\u606f\u3002\r\n\r\nMicrosoft SharePoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft SharePoint\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2024-33175\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Microsoft SharePoint Server 2019",
      "Microsoft Microsoft SharePoint Enterprise Server 2016",
      "Microsoft Microsoft SharePoint Server Subscription Edition"
    ]
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2024-38094/",
  "serverity": "\u9ad8",
  "submitTime": "2024-07-12",
  "title": "Microsoft SharePoint\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2024-33175\uff09"
}

FKIE_CVE-2024-38094

Vulnerability from fkie_nvd - Published: 2024-07-09 17:15 - Updated: 2026-06-17 07:39

CISA KEV KEVintel KEV

Severity

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Microsoft SharePoint Remote Code Execution Vulnerability

References

URL	Tags
secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	sharepoint_server	-
microsoft	sharepoint_server	2016
microsoft	sharepoint_server	2019

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Enterprise Server 2016",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.5456.1000",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.10412.20001",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft SharePoint Server Subscription Edition",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.17328.20424",
              "status": "affected",
              "version": "16.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "secure@microsoft.com"
    }
  ],
  "cisaActionDue": "2024-11-12",
  "cisaExploitAdd": "2024-10-22",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Microsoft SharePoint Deserialization Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*",
              "matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft SharePoint Remote Code Execution Vulnerability"
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Microsoft SharePoint"
    }
  ],
  "id": "CVE-2024-38094",
  "lastModified": "2026-06-17T07:39:24.640",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2024-38094",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-10-22T15:04:15.775049Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-07-09T17:15:46.090",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "secure@microsoft.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-WHMW-HQ6P-C3W4

Vulnerability from github – Published: 2024-07-09 18:30 – Updated: 2025-10-22 00:33

Details

Microsoft SharePoint Remote Code Execution Vulnerability

Severity

7.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-38094"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-09T17:15:46Z",
    "severity": "HIGH"
  },
  "details": "Microsoft SharePoint Remote Code Execution Vulnerability",
  "id": "GHSA-whmw-hq6p-c3w4",
  "modified": "2025-10-22T00:33:04Z",
  "published": "2024-07-09T18:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38094"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-38094"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2024-38094

Vulnerability from csaf_microsoft - Published: 2024-07-09 07:00 - Updated: 2024-07-09 07:00

Summary

Microsoft SharePoint Remote Code Execution Vulnerability

Severity

Important

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.

CVE-2024-38094

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE-502 - Deserialization of Untrusted Data

Affected products

Fixed 3 products

Product	Identifier	Version	Remediation
Microsoft SharePoint Enterprise Server 2016 16.0.5456.1000 Microsoft SharePoint Enterprise Server 2016		16.0.5456.1000
Microsoft SharePoint Server 2019 16.0.10412.20001 Microsoft SharePoint Server 2019		16.0.10412.20001
Microsoft SharePoint Server Subscription Edition 16.0.17328.20424 Microsoft SharePoint Server Subscription Edition		16.0.17328.20424

Known affected 3 products

Product	Version	Remediation
Microsoft SharePoint Server Subscription Edition <16.0.17328.20424 Microsoft SharePoint Server Subscription Edition	<16.0.17328.20424	Vendor Fix fix
Microsoft SharePoint Server 2019 <16.0.10412.20001 Microsoft SharePoint Server 2019	<16.0.10412.20001	Vendor Fix fix
Microsoft SharePoint Enterprise Server 2016 <16.0.5456.1000 Microsoft SharePoint Enterprise Server 2016	<16.0.5456.1000	Vendor Fix fix

Threats

Impact Remote Code Execution

Exploit Status Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely

References

7 references

URL	Category
https://msrc.microsoft.com/update-guide/vulnerabi…	self
https://msrc.microsoft.com/csaf/advisories/2024/m…	self
https://www.microsoft.com/en-us/msrc/exploitabili…	external
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/update-guide/vulnerabi…	self
https://msrc.microsoft.com/csaf/advisories/2024/m…	self

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
      },
      {
        "category": "self",
        "summary": "CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2024/msrc_cve-2024-38094.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft SharePoint Remote Code Execution Vulnerability",
    "tracking": {
      "current_release_date": "2024-07-09T07:00:00.000Z",
      "generator": {
        "date": "2025-05-05T17:00:41.804Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-38094",
      "initial_release_date": "2024-07-09T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-07-09T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.5456.1000",
            "product": {
              "name": "Microsoft SharePoint Enterprise Server 2016 \u003c16.0.5456.1000",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.5456.1000",
            "product": {
              "name": "Microsoft SharePoint Enterprise Server 2016 16.0.5456.1000",
              "product_id": "10950"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft SharePoint Enterprise Server 2016"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.10412.20001",
            "product": {
              "name": "Microsoft SharePoint Server 2019 \u003c16.0.10412.20001",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.10412.20001",
            "product": {
              "name": "Microsoft SharePoint Server 2019 16.0.10412.20001",
              "product_id": "11585"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft SharePoint Server 2019"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.17328.20424",
            "product": {
              "name": "Microsoft SharePoint Server Subscription Edition \u003c16.0.17328.20424",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.17328.20424",
            "product": {
              "name": "Microsoft SharePoint Server Subscription Edition 16.0.17328.20424",
              "product_id": "11961"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft SharePoint Server Subscription Edition"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38094",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.",
          "title": "According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "10950",
          "11585",
          "11961"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38094"
        },
        {
          "category": "self",
          "summary": "CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2024/msrc_cve-2024-38094.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-07-09T07:00:00.000Z",
          "details": "16.0.5456.1000:Security Update:https://support.microsoft.com/help/5002618",
          "product_ids": [
            "3"
          ],
          "url": "https://support.microsoft.com/help/5002618"
        },
        {
          "category": "vendor_fix",
          "date": "2024-07-09T07:00:00.000Z",
          "details": "16.0.10412.20001:Security Update:https://support.microsoft.com/help/5002615",
          "product_ids": [
            "2"
          ],
          "url": "https://support.microsoft.com/help/5002615"
        },
        {
          "category": "vendor_fix",
          "date": "2024-07-09T07:00:00.000Z",
          "details": "16.0.17328.20424:Security Update:https://support.microsoft.com/help/5002606",
          "product_ids": [
            "1"
          ],
          "url": "https://support.microsoft.com/help/5002606"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.3,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Remote Code Execution"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely"
        }
      ],
      "title": "Microsoft SharePoint Remote Code Execution Vulnerability"
    }
  ]
}

NCSC-2024-0284

Vulnerability from csaf_ncscnl - Published: 2024-07-09 19:37 - Updated: 2024-07-09 19:37

Summary

Kwetsbaarheden verholpen in Microsoft Office

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Microsoft heeft kwetsbaarheden verholpen in Office, Sharepoint en Outlook.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker of willekeurige code uit te voeren met rechten van het slachtoffer en zo mogelijk toegang krijgen tot gevoelige gegevens. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen of malafide link te volgen. ``` Microsoft Office: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2024-38021 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office SharePoint: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2024-38023 | 7.20 | Uitvoeren van willekeurige code | | CVE-2024-38024 | 7.20 | Uitvoeren van willekeurige code | | CVE-2024-32987 | 7.50 | Toegang tot gevoelige gegevens | | CVE-2024-38094 | 7.20 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Microsoft Office Outlook: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2024-38020 | 6.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| ```

Oplossingen: Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op: https://portal.msrc.microsoft.com/en-us/security-guidance

Dreigingsinformatie:

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-502: Deserialization of Untrusted Data

CWE-918: Server-Side Request Forgery (SSRF)

CVE-2024-38023

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 3 products

Product	Identifier	Version
microsoft_sharepoint_enterprise_server_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:16.0.0:::::::*`	—
microsoft_sharepoint_server_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:16.0.0:::::::*`	—
microsoft_sharepoint_server_subscription_edition microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:16.0.0:::::::*`	—

CVE-2024-38024

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 3 products

Product	Identifier	Version
microsoft_sharepoint_enterprise_server_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:16.0.0:::::::*`	—
microsoft_sharepoint_server_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:16.0.0:::::::*`	—
microsoft_sharepoint_server_subscription_edition microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:16.0.0:::::::*`	—

CVE-2024-32987

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 3 products

Product	Identifier	Version
microsoft_sharepoint_enterprise_server_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:16.0.0:::::::*`	—
microsoft_sharepoint_server_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:16.0.0:::::::*`	—
microsoft_sharepoint_server_subscription_edition microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:16.0.0:::::::*`	—

CVE-2024-38094

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 3 products

Product	Identifier	Version
microsoft_sharepoint_enterprise_server_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:16.0.0:::::::*`	—
microsoft_sharepoint_server_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:16.0.0:::::::*`	—
microsoft_sharepoint_server_subscription_edition microsoft	`cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:16.0.0:::::::*`	—

CVE-2024-38020

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 5 products

Product	Identifier	Version
microsoft_office_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_office_2019:19.0.0:::::::*`	—
microsoft_365_apps_for_enterprise microsoft	`cpe:2.3:a:microsoft:microsoft_365_apps_for_enterprise:16.0.1:::::::*`	—
microsoft_office_ltsc_2021 microsoft	`cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:::::::*`	—
microsoft_office_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_office_2016:16.0.0:::::::*`	—
microsoft_outlook_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_outlook_2016:16.0.0.0:::::::*`	—

CVE-2024-38021

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 4 products

Product	Identifier	Version
microsoft_office_2019 microsoft	`cpe:2.3:a:microsoft:microsoft_office_2019:19.0.0:::::::*`	—
microsoft_365_apps_for_enterprise microsoft	`cpe:2.3:a:microsoft:microsoft_365_apps_for_enterprise:16.0.1:::::::*`	—
microsoft_office_ltsc_2021 microsoft	`cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:::::::*`	—
microsoft_office_2016 microsoft	`cpe:2.3:a:microsoft:microsoft_office_2016:16.0.0:::::::*`	—

References

6 references

URL	Category
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Microsoft heeft kwetsbaarheden verholpen in Office, Sharepoint en Outlook.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om zich voor te doen als andere gebruiker of willekeurige code uit te voeren met rechten van het slachtoffer en zo mogelijk toegang krijgen tot gevoelige gegevens.\n\nVoor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te openen of malafide link te volgen.\n\n```\nMicrosoft Office: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2024-38021 | 8.80 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office SharePoint: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2024-38023 | 7.20 | Uitvoeren van willekeurige code     | \n| CVE-2024-38024 | 7.20 | Uitvoeren van willekeurige code     | \n| CVE-2024-32987 | 7.50 | Toegang tot gevoelige gegevens      | \n| CVE-2024-38094 | 7.20 | Uitvoeren van willekeurige code     | \n|----------------|------|-------------------------------------|\n\nMicrosoft Office Outlook: \n|----------------|------|-------------------------------------|\n| CVE-ID         | CVSS | Impact                              |\n|----------------|------|-------------------------------------|\n| CVE-2024-38020 | 6.50 | Voordoen als andere gebruiker       | \n|----------------|------|-------------------------------------|\n```\n",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
        "title": "Oplossingen"
      },
      {
        "category": "description",
        "text": " ",
        "title": "Dreigingsinformatie"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "title": "Kwetsbaarheden verholpen in Microsoft Office",
    "tracking": {
      "current_release_date": "2024-07-09T19:37:26.015768Z",
      "id": "NCSC-2024-0284",
      "initial_release_date": "2024-07-09T19:37:26.015768Z",
      "revision_history": [
        {
          "date": "2024-07-09T19:37:26.015768Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "microsoft_365_apps_for_enterprise",
            "product": {
              "name": "microsoft_365_apps_for_enterprise",
              "product_id": "CSAFPID-1453810",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_365_apps_for_enterprise:16.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_office_2016",
            "product": {
              "name": "microsoft_office_2016",
              "product_id": "CSAFPID-1455689",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_office_2016:16.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_office_2019",
            "product": {
              "name": "microsoft_office_2019",
              "product_id": "CSAFPID-1453809",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_office_2019:19.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_office_ltsc_2021",
            "product": {
              "name": "microsoft_office_ltsc_2021",
              "product_id": "CSAFPID-1453812",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_outlook_2016",
            "product": {
              "name": "microsoft_outlook_2016",
              "product_id": "CSAFPID-1455687",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_outlook_2016:16.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_sharepoint_enterprise_server_2016",
            "product": {
              "name": "microsoft_sharepoint_enterprise_server_2016",
              "product_id": "CSAFPID-1454039",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_sharepoint_enterprise_server_2016:16.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_sharepoint_server_2019",
            "product": {
              "name": "microsoft_sharepoint_server_2019",
              "product_id": "CSAFPID-1454040",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_sharepoint_server_2019:16.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "microsoft_sharepoint_server_subscription_edition",
            "product": {
              "name": "microsoft_sharepoint_server_subscription_edition",
              "product_id": "CSAFPID-1454041",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:microsoft:microsoft_sharepoint_server_subscription_edition:16.0.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38023",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1454039",
          "CSAFPID-1454040",
          "CSAFPID-1454041"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38023",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38023.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1454039",
            "CSAFPID-1454040",
            "CSAFPID-1454041"
          ]
        }
      ],
      "title": "CVE-2024-38023"
    },
    {
      "cve": "CVE-2024-38024",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1454039",
          "CSAFPID-1454040",
          "CSAFPID-1454041"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38024",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38024.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1454039",
            "CSAFPID-1454040",
            "CSAFPID-1454041"
          ]
        }
      ],
      "title": "CVE-2024-38024"
    },
    {
      "cve": "CVE-2024-32987",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1454039",
          "CSAFPID-1454040",
          "CSAFPID-1454041"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32987",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32987.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1454039",
            "CSAFPID-1454040",
            "CSAFPID-1454041"
          ]
        }
      ],
      "title": "CVE-2024-32987"
    },
    {
      "cve": "CVE-2024-38094",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1454039",
          "CSAFPID-1454040",
          "CSAFPID-1454041"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38094",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38094.json"
        }
      ],
      "title": "CVE-2024-38094"
    },
    {
      "cve": "CVE-2024-38020",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1453809",
          "CSAFPID-1453810",
          "CSAFPID-1453812",
          "CSAFPID-1455689",
          "CSAFPID-1455687"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38020",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1453809",
            "CSAFPID-1453810",
            "CSAFPID-1453812",
            "CSAFPID-1455689",
            "CSAFPID-1455687"
          ]
        }
      ],
      "title": "CVE-2024-38020"
    },
    {
      "cve": "CVE-2024-38021",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1453809",
          "CSAFPID-1453810",
          "CSAFPID-1453812",
          "CSAFPID-1455689"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38021",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38021.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1453809",
            "CSAFPID-1453810",
            "CSAFPID-1453812",
            "CSAFPID-1455689"
          ]
        }
      ],
      "title": "CVE-2024-38021"
    }
  ]
}

WID-SEC-W-2024-1584

Vulnerability from csaf_certbund - Published: 2024-07-09 22:00 - Updated: 2024-10-22 22:00

Summary

Microsoft Office: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Microsoft 365 Apps ist eine Office Suite für zahlreiche Büroanwendungen. Die Microsoft Office Suite beinhaltet zahlreiche Büroanwendungen wie Textverarbeitung, Tabellenkalkulation, Datenbank und weitere Applikationen. Outlook ist ein Personal Information Manager von Microsoft und ist Bestandteil der Office Suite. Microsoft Sharepoint Services ist ein Portalsystem für die zentrale Verwaltung von Dokumenten und Anwendungen. Die Inhalte werden u.a. über Webseiten zur Verfügung gestellt. Microsoft Sharepoint ist ein Portalsystem für die zentrale Verwaltung von Dokumenten und Anwendungen. Die Inhalte werden u. a. über Webseiten zur Verfügung gestellt.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019 ausnutzen, um Informationen offenzulegen oder um beliebigen Code auszuführen.

Betroffene Betriebssysteme: - Windows

CVE-2024-32987

Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail veröffentlicht wurde. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

CVE-2024-38020

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

CVE-2024-38021

Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail veröffentlicht wurde. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

CVE-2024-38023

Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail veröffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

CVE-2024-38024

Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail veröffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

CVE-2024-38094

Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail veröffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 8 products

Product	Identifier	Version
Microsoft Office 2016 Microsoft	`cpe:/a:microsoft:office_2016:-`	—
Microsoft SharePoint Enterprise Server 2016 Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:enterprise_server_2016`	Enterprise Server 2016
Microsoft SharePoint Server Subscription Edition Microsoft / SharePoint	`cpe:/a:microsoft:sharepoint:server_subscription_edition`	Server Subscription Edition
Microsoft Outlook 2016 Microsoft	`cpe:/a:microsoft:outlook_2016:for_mac`	—
Microsoft Office LTSC 2021 Microsoft / Office	`cpe:/a:microsoft:office:ltsc_2021`	LTSC 2021
Microsoft SharePoint Server 2019 Microsoft	`cpe:/a:microsoft:sharepoint_server_2019:-`	—
Microsoft 365 Apps Microsoft	`cpe:/a:microsoft:365_apps:word`	—
Microsoft Office 2019 Microsoft	`cpe:/a:microsoft:office_2019:ltsc_2021`	—

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://msrc.microsoft.com/update-guide	external
https://github.com/testanull/MS-SharePoint-July-P…	external
https://www.cisa.gov/known-exploited-vulnerabilit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Microsoft 365 Apps ist eine Office Suite f\u00fcr zahlreiche B\u00fcroanwendungen.\r\nDie Microsoft Office Suite beinhaltet zahlreiche B\u00fcroanwendungen wie Textverarbeitung, Tabellenkalkulation, Datenbank und weitere Applikationen.\r\nOutlook ist ein Personal Information Manager von Microsoft und ist Bestandteil der Office Suite.\r\nMicrosoft Sharepoint Services ist ein Portalsystem f\u00fcr die zentrale Verwaltung von Dokumenten und Anwendungen. Die Inhalte werden u.a. \u00fcber Webseiten zur Verf\u00fcgung gestellt.\r\nMicrosoft Sharepoint ist ein Portalsystem f\u00fcr die zentrale Verwaltung von Dokumenten und Anwendungen. Die Inhalte werden u. a. \u00fcber Webseiten zur Verf\u00fcgung gestellt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019 ausnutzen, um Informationen offenzulegen oder um beliebigen Code auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1584 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1584.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1584 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1584"
      },
      {
        "category": "external",
        "summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates vom 2024-07-09",
        "url": "https://msrc.microsoft.com/update-guide"
      },
      {
        "category": "external",
        "summary": "MS-SharePoint-July-Patch-RCE-PoC vom 2024-07-10",
        "url": "https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC"
      },
      {
        "category": "external",
        "summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-10-22",
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft Office: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-10-22T22:00:00.000+00:00",
      "generator": {
        "date": "2024-10-23T08:06:21.392+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-1584",
      "initial_release_date": "2024-07-09T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-10-22T22:00:00.000+00:00",
          "number": "2",
          "summary": "CVE-2024-38094 wird aktiv ausgenutzt"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Microsoft 365 Apps",
            "product": {
              "name": "Microsoft 365 Apps",
              "product_id": "T016696",
              "product_identification_helper": {
                "cpe": "cpe:/a:microsoft:365_apps:word"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "LTSC 2021",
                "product": {
                  "name": "Microsoft Office LTSC 2021",
                  "product_id": "T032745",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:office:ltsc_2021"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Office"
          },
          {
            "category": "product_name",
            "name": "Microsoft Office 2016",
            "product": {
              "name": "Microsoft Office 2016",
              "product_id": "T013923",
              "product_identification_helper": {
                "cpe": "cpe:/a:microsoft:office_2016:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Microsoft Office 2019",
            "product": {
              "name": "Microsoft Office 2019",
              "product_id": "T029333",
              "product_identification_helper": {
                "cpe": "cpe:/a:microsoft:office_2019:ltsc_2021"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Microsoft Outlook 2016",
            "product": {
              "name": "Microsoft Outlook 2016",
              "product_id": "T022027",
              "product_identification_helper": {
                "cpe": "cpe:/a:microsoft:outlook_2016:for_mac"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Enterprise Server 2016",
                "product": {
                  "name": "Microsoft SharePoint Enterprise Server 2016",
                  "product_id": "T018556",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:sharepoint:enterprise_server_2016"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Server Subscription Edition",
                "product": {
                  "name": "Microsoft SharePoint Server Subscription Edition",
                  "product_id": "T021526",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:sharepoint:server_subscription_edition"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "SharePoint"
          },
          {
            "category": "product_name",
            "name": "Microsoft SharePoint Server 2019",
            "product": {
              "name": "Microsoft SharePoint Server 2019",
              "product_id": "T014523",
              "product_identification_helper": {
                "cpe": "cpe:/a:microsoft:sharepoint_server_2019:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-32987",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-32987"
    },
    {
      "cve": "CVE-2024-38020",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen. Die erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-38020"
    },
    {
      "cve": "CVE-2024-38021",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-38021"
    },
    {
      "cve": "CVE-2024-38023",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-38023"
    },
    {
      "cve": "CVE-2024-38024",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-38024"
    },
    {
      "cve": "CVE-2024-38094",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Microsoft 365 Apps, Microsoft Office, Microsoft Office 2016, Microsoft Office 2019, Microsoft Outlook 2016, Microsoft SharePoint und Microsoft SharePoint Server 2019, die noch nicht im Detail ver\u00f6ffentlicht wurde. Ein entfernter privilegierter Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013923",
          "T018556",
          "T021526",
          "T022027",
          "T032745",
          "T014523",
          "T016696",
          "T029333"
        ]
      },
      "release_date": "2024-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-38094"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-38094 (GCVE-0-2024-38094)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Confirmed Compromise Confidence: 70% Source: kevintel

Details

References

Solutions

Solutions

Tags

Sightings

Nomenclature