<< Back
CVE Number Vulnerability Product Severity Date
CVE-2024-30044 Microsoft SharePoint Server Remote Code Execution Vulnerability Microsoft SharePoint Server Critical 30-05-2024

Technical Information

A remote code execution vulnerability where an authenticated attacker with Site Owner permissions could upload a specially crafted file to the targeted Sharepoint Server and craft specialized API requests to trigger deserialization of file’s parameters and it may allow the attacker to achieve remote code execution.

Patch Release Date: May 14, 2024
Further information on this vulnerability is available at: CVE-2024-30044

Affected Software

Microsoft SharePoint Enterprise Server 2016,
Microsoft SharePoint Server 2019,
Microsoft SharePoint Server Subscription Edition