LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege —…
Tags
Common Information
Type | Value |
---|---|
UUID | 4defd658-59f5-48da-b01f-73f84356d0d6 |
Fingerprint | 3da03113fa5f1040 |
Analysis status | DONE |
Considered CTI value | 1 |
Text language | |
Published | Sept. 28, 2024, 4:19 a.m. |
Added to db | Sept. 28, 2024, 6:37 a.m. |
Last updated | Oct. 12, 2024, 9:55 a.m. |
Headline | LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege — Possible CVE-2023–29357 Exploitation |
Title | LetsDefend SA Event ID: 189, SOC227 — Microsoft SharePoint Server Elevation of Privilege —… |
Detected Hints/Tags/Attributes | 40/3/23 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 47 | cve-2023-29357 |
|
Details | Domain | 258 | www.virustotal.com |
|
Details | Domain | 7 | www.abuseipdb.com |
|
Details | Domain | 54 | otx.alienvault.com |
|
Details | Domain | 107 | talosintelligence.com |
|
Details | Domain | 15 | whois.domaintools.com |
|
Details | Domain | 3757 | github.com |
|
Details | Domain | 50 | exploit.py |
|
Details | File | 15 | base64.url |
|
Details | File | 5 | self.url |
|
Details | File | 6 | json.json |
|
Details | File | 50 | exploit.py |
|
Details | Github username | 4 | chocapikk |
|
Details | IPv4 | 1 | 172.16.17.233 |
|
Details | IPv4 | 1 | 39.91.166.222 |
|
Details | Url | 1 | https://www.picussecurity.com/resource/blog/cve-2023-29357-sharepoint-server-privilege-escalation-vulnerability |
|
Details | Url | 1 | https://socprime.com/blog/cve-2023-29357-detection-microsoft-sharepoint-server-elevation-of-privilege-vulnerability-exploitation-can-lead-to-pre-auth-rce-chain |
|
Details | Url | 1 | https://www.virustotal.com/gui/ip-address/39.91.166.222/detection |
|
Details | Url | 1 | https://www.abuseipdb.com/check/39.91.166.222?page=5#report |
|
Details | Url | 1 | https://otx.alienvault.com/indicator/ip/39.91.166.222 |
|
Details | Url | 1 | https://talosintelligence.com/reputation_center/lookup?search=39.91.166.222 |
|
Details | Url | 1 | https://whois.domaintools.com/39.91.166.222 |
|
Details | Url | 1 | https://github.com/chocapikk/cve-2023-29357/blob/main/exploit.py |