LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege —…
Common Information
Type Value
UUID 4defd658-59f5-48da-b01f-73f84356d0d6
Fingerprint 3da03113fa5f1040
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 28, 2024, 4:19 a.m.
Added to db Sept. 28, 2024, 6:37 a.m.
Last updated Oct. 12, 2024, 9:55 a.m.
Headline LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege — Possible CVE-2023–29357 Exploitation
Title LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege —…
Detected Hints/Tags/Attributes 40/3/23
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 47
cve-2023-29357
Details Domain 258
www.virustotal.com
Details Domain 7
www.abuseipdb.com
Details Domain 54
otx.alienvault.com
Details Domain 107
talosintelligence.com
Details Domain 15
whois.domaintools.com
Details Domain 3757
github.com
Details Domain 50
exploit.py
Details File 15
base64.url
Details File 5
self.url
Details File 6
json.json
Details File 50
exploit.py
Details Github username 4
chocapikk
Details IPv4 1
172.16.17.233
Details IPv4 1
39.91.166.222
Details Url 1
https://www.picussecurity.com/resource/blog/cve-2023-29357-sharepoint-server-privilege-escalation-vulnerability
Details Url 1
https://socprime.com/blog/cve-2023-29357-detection-microsoft-sharepoint-server-elevation-of-privilege-vulnerability-exploitation-can-lead-to-pre-auth-rce-chain
Details Url 1
https://www.virustotal.com/gui/ip-address/39.91.166.222/detection
Details Url 1
https://www.abuseipdb.com/check/39.91.166.222?page=5#report
Details Url 1
https://otx.alienvault.com/indicator/ip/39.91.166.222
Details Url 1
https://talosintelligence.com/reputation_center/lookup?search=39.91.166.222
Details Url 1
https://whois.domaintools.com/39.91.166.222
Details Url 1
https://github.com/chocapikk/cve-2023-29357/blob/main/exploit.py