| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft SharePoint Server | Critical | 30-05-2024 |
Technical Information
A remote code execution vulnerability where an authenticated attacker with Site Owner permissions could upload a specially crafted file to the targeted Sharepoint Server and craft specialized API requests to trigger deserialization of file’s parameters and it may allow the attacker to achieve remote code execution.
Patch Release Date: May 14, 2024
Further information on this vulnerability is available at: CVE-2024-30044
Affected Software
Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2019,
Microsoft SharePoint Server Subscription Edition