Description
SharePoint has an authentication bypass vulnerability. An attacker can bypass authentication with a specially crafted JWT and gain full access to the system.
Remediation
Upgrade to the latest version of SharePoint.
References
SharePoint Pre-Auth RCE chain (CVE-2023-29357 & CVE-2023-24955)
Microsoft SharePoint Server Elevation of Privilege Vulnerability