SB2023061350 - Multiple vulnerabilities in Microsoft SharePoint Server

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-33142)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in Microsoft SharePoint Server. A remote user can create a list or document library in the targeted SharePoint site.

2) Improper Authentication (CVE-ID: CVE-2023-29357)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error within the ValidateTokenIssuer method. A remote attacker can bypass authentication process and gain unauthorized access to the application.

3) Spoofing attack (CVE-ID: CVE-2023-33130)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in Microsoft SharePoint Server. A remote user can spoof page content.

4) Spoofing attack (CVE-ID: CVE-2023-33132)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in Microsoft SharePoint Server. A remote user can spoof page content.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-33142
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-29357
• https://www.zerodayinitiative.com/advisories/ZDI-23-882/
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-33130
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-33132