CVE-2023-24950

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Server Subscription Edition (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to a lack of protection for service data in Microsoft SharePoint Server, allowing a remote attacker to conduct a spoofing attack and potentially disclose protected information.

Recommendations For Microsoft SharePoint Server, consider restricting access to sensitive data until a fix is available. For Microsoft SharePoint Server Subscription Edition, restrict access to vulnerable modules to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, avoid using vulnerable functions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.