CVE-2024-38018

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified)

Description The software contains a remote code execution issue stemming from flaws in the deserialization mechanism. Exploitation may allow an attacker to execute arbitrary code remotely by submitting a specially crafted file. The issue affects fully patched versions of SharePoint 2013 and SharePoint 2010, which are end-of-life and will not receive a fix. The issue is implemented in https://t.co/9BofGcFaWh.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.