Severity
High
Analysis Summary
CVE-2023-21742 CVSS:8.8
Microsoft SharePoint Server could allow a remote attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the SharePoint Server.
CVE-2023-21744 CVSS:8.8
Microsoft SharePoint Server could allow a remote attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-21743 CVSS:5.3
Microsoft SharePoint Server could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability to connect to the SharePoint server.
Impact
- Privilege Escalation
- Security Bypass
Indicators Of Compromise
CVE
- Code Execution
- Security Bypass
Affected Vendors
Microsoft
Affected Products
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Enterprise Server 2013
- SP1Microsoft SharePoint Server Subscription Edition
- Microsoft SharePoint Server 2019
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.