CVE-2023-29357CISA KEVEPSS p99.9%

CVE-2023-29357Microsoft SharePoint Server Privilege Escalation Vulnerability

Microsoft / SharePoint Server

Description

Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gained access to spoofed JWT authentication tokens, to use them for executing a network attack. This attack bypasses authentication, enabling the attacker to gain administrator privileges.

Scoring

EPSS99.62% probability of exploitation · percentile 99.9% · 2026-06-16T12:03:06Z

CISA KEV entry

Added to KEV: 2024-01-10

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft SharePoint Server Privilege Escalation Vulnerabilitykev-cve-2023-293570%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft SharePoint Server Code Injection Vulnerability
CVE
CVE-2025-29794
CVE
CVE-2025-59245
CVE
Microsoft SharePoint Improper Authentication Vulnerability
CVE
CVE-2026-47298
CVE
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.