Platform
sharepoint
Component
microsoft-sharepoint-server
Fixed in
16.0.5456.1000
16.0.10412.20001
16.0.17328.20424
CVE-2024-32987 is an Information Disclosure vulnerability affecting Microsoft SharePoint Server. This vulnerability allows an attacker to potentially access sensitive information within the SharePoint environment. It impacts versions 16.0.0 through 16.0.17328.20424. A security update has been released to address this issue.
Successful exploitation of CVE-2024-32987 could allow an attacker to gain unauthorized access to sensitive data stored within a SharePoint Server instance. The specific data exposed depends on the SharePoint configuration and permissions, but could include user credentials, internal documents, or other confidential information. This could lead to data breaches, reputational damage, and potential regulatory fines. While the vulnerability description doesn't detail a specific attack vector, the potential for information leakage makes it a significant security concern.
CVE-2024-32987 was publicly disclosed on July 9, 2024. As of this date, there are no publicly available proof-of-concept exploits. The vulnerability’s severity is rated HIGH (CVSS 7.5), indicating a moderate probability of exploitation. It is not currently listed on the CISA KEV catalog. Active campaigns targeting this vulnerability are not currently known.
Organizations heavily reliant on Microsoft SharePoint Server for document management and collaboration are at significant risk. Specifically, deployments with weak access controls or those storing sensitive data within SharePoint are particularly vulnerable. Environments that have not been regularly patched or updated are also at increased risk.
• windows / sharepoint:
Get-SPOSite -Limit 1000 | Select-Object URL, Title, Owner
• generic web:
curl -I https://<sharepoint_url>/_layouts/15/settings.php
• generic web:
grep -i "SharePoint Server" /var/log/apache2/access.log
Exploit Status
EPSS
3.74% (88th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-32987 is to upgrade Microsoft SharePoint Server to version 16.0.17328.20424 or later. Before applying the update, it's recommended to review Microsoft's documentation for any potential compatibility issues or breaking changes. Consider testing the update in a non-production environment first. If immediate patching is not possible, review SharePoint permissions and access controls to minimize the potential impact of a successful attack. Implement network segmentation to limit access to SharePoint servers. After the upgrade, verify the fix by attempting to reproduce the vulnerability using known attack patterns (if available) or by reviewing SharePoint logs for any suspicious activity.
Update Microsoft SharePoint Server to version 16.0.5456.1000, 16.0.10412.20001 or 16.0.17328.20424, or a later version, as appropriate for your installation. See the Microsoft security bulletin for more details and instructions.
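Because all three fixed builds share the 16.0 prefix, comparing an installed build against a single threshold misclassifies servers on the other release branches. The following added example (not from Microsoft or from this page's author) checks each build against the fixed build of its own branch; the product labels, the branch floor values and the inventory entries are assumptions of this example.

```python
# Added example: branch-aware patch check for CVE-2024-32987.
# Fixed builds come from this page; labels and branch floors are assumptions.
FIXED_BUILDS = {
    # branch label: (lowest third component assumed for the branch, fixed build)
    "2016": (4000, (16, 0, 5456, 1000)),
    "2019": (10000, (16, 0, 10412, 20001)),
    "Subscription Edition": (14000, (16, 0, 17328, 20424)),
}


def parse_build(text):
    """Parse 'a.b.c.d' into a tuple of four ints; raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part build number: {text!r}")
    return tuple(int(p) for p in parts)


def classify(build_text):
    """Return (branch, status); status is 'patched', 'vulnerable' or 'unknown'."""
    try:
        build = parse_build(build_text)
    except ValueError:
        return (None, "unknown")
    if build[:2] != (16, 0):
        return (None, "unknown")  # outside the 16.0.x range the page covers
    branch = None
    for name, (floor, _fixed) in FIXED_BUILDS.items():
        if build[2] >= floor:
            branch = name  # entries are in ascending floor order; keep last match
    if branch is None:
        return (None, "unknown")
    fixed = FIXED_BUILDS[branch][1]
    return (branch, "patched" if build >= fixed else "vulnerable")


# Constructed inventory: hostnames and installed builds are made up.
INVENTORY = {
    "sp16-a": "16.0.5456.1000",
    "sp16-b": "16.0.5448.1000",
    "sp19-a": "16.0.10409.20027",
    "spse-a": "16.0.17328.20424",
    "legacy": "15.0.5545.1000",
}


def report(inventory):
    """Map each host to its (branch, status) result."""
    return {host: classify(build) for host, build in inventory.items()}
```

Here `sp19-a` is reported as vulnerable even though its build number is higher than the first fixed build, and `sp16-a` is reported as patched even though it is lower than the last one.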
CVE-2024-32987 is a vulnerability in Microsoft SharePoint Server that could allow an attacker to access sensitive information. It has a CVSS score of 7.5 (HIGH) and affects versions 16.0.0–16.0.17328.20424.
If you are running Microsoft SharePoint Server versions 16.0.0 through 16.0.17328.20424, you are potentially affected by this vulnerability. Check your version and apply the security update.
The recommended fix is to upgrade to Microsoft SharePoint Server version 16.0.17328.20424 or later. Review Microsoft's documentation for upgrade instructions and potential compatibility issues.
As of July 9, 2024, there are no publicly known active exploitation campaigns targeting CVE-2024-32987, but the HIGH severity warrants prompt remediation.
Refer to the official Microsoft Security Update Guide for CVE-2024-32987: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32987](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-32987)