What is CVE-2023-21717?

CVE-2023-21717 is a vulnerability in Microsoft SharePoint Server that allows for the elevation of privilege.

How severe is CVE-2023-21717?

CVE-2023-21717 has a severity rating of 8.8 out of 10, indicating a high severity.

Which versions of Microsoft SharePoint Server are affected by CVE-2023-21717?

CVE-2023-21717 affects Microsoft SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, SharePoint Server Subscription Edition, and SharePoint Server 2019.

How can I fix CVE-2023-21717?

To fix CVE-2023-21717, apply the patches provided by Microsoft for the affected versions of Microsoft SharePoint Server.

Where can I find more information about CVE-2023-21717?

You can find more information about CVE-2023-21717 on the Microsoft Security Response Center website.

Vulnerability/
CVE-2023-21717

high

8.8

CWE

284

14/2/2023

2/8/2024

CVE-2023-21717: Microsoft SharePoint Server Elevation of Privilege Vulnerability

First published: Tue Feb 14 2023(Updated: )

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft SharePoint Enterprise Server	=2013-sp1
Microsoft SharePoint Enterprise Server	=2016
Microsoft SharePoint Foundation	=2013-sp1
Microsoft SharePoint Server
Microsoft SharePoint Server	=2019
Microsoft SharePoint Foundation 2013		fix available externally fix available externally
Microsoft SharePoint Enterprise Server 2013		fix available externally fix available externally fix available externally
Microsoft SharePoint Server 2019		fix available externally fix available externally
Microsoft SharePoint Enterprise Server 2016		fix available externally fix available externally
Microsoft SharePoint Server Subscription Edition		fix available externally

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21717

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21717 (Advisory)

Frequently Asked Questions

What is CVE-2023-21717?
CVE-2023-21717 is a vulnerability in Microsoft SharePoint Server that allows for the elevation of privilege.
How severe is CVE-2023-21717?
CVE-2023-21717 has a severity rating of 8.8 out of 10, indicating a high severity.
Which versions of Microsoft SharePoint Server are affected by CVE-2023-21717?
CVE-2023-21717 affects Microsoft SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, SharePoint Server Subscription Edition, and SharePoint Server 2019.
How can I fix CVE-2023-21717?
To fix CVE-2023-21717, apply the patches provided by Microsoft for the affected versions of Microsoft SharePoint Server.
Where can I find more information about CVE-2023-21717?
You can find more information about CVE-2023-21717 on the Microsoft Security Response Center website.

collector/nvd-index
agent/first-publish-date
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/title
agent/severity
agent/references
agent/description
collector/msrc-cve
source/Microsoft
agent/softwarecombine
agent/event
agent/software-canonical-lookup
collector/nvd-api
source/NVD
agent/weakness
agent/author
agent/last-modified-date
agent/tags
vendor/microsoft
canonical/microsoft sharepoint enterprise server
version/microsoft sharepoint enterprise server/2013-sp1
version/microsoft sharepoint enterprise server/2016
canonical/microsoft sharepoint foundation
version/microsoft sharepoint foundation/2013-sp1
canonical/microsoft sharepoint server
version/microsoft sharepoint server/2019
canonical/microsoft sharepoint server 2019
canonical/microsoft sharepoint enterprise server 2013
canonical/microsoft sharepoint foundation 2013
canonical/microsoft sharepoint server subscription edition
canonical/microsoft sharepoint enterprise server 2016