Cyber Resilience

CVE-2024-30043

Medium

Published: 14 May 2024
Modified: 08 January 2025
KEV Added: not listed
CVSS v3.1 score: 6.5 (vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS score: 0.5933 (98.3rd percentile)
Risk priority: 49 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-30043 is a medium-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in Microsoft SharePoint Server. Its CVSS base score is 6.5 (Medium).

Operationally, its EPSS score places it in the top 1.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

Microsoft SharePoint Server contains an information disclosure vulnerability tracked as CVE-2024-30043 and classified as CWE-611. The flaw carries a CVSS 3.1 base score of 6.5: network attack vector, low attack complexity, low privileges required and no user interaction, with high impact to confidentiality and no impact to integrity or availability.

An authenticated attacker with low privileges can send specially crafted requests over the network to an affected SharePoint Server instance and obtain sensitive information that would otherwise be restricted. That access level alone is sufficient to trigger the flaw; no user interaction or elevated rights on the target system are needed.

Microsoft has published an advisory for CVE-2024-30043 at the Microsoft Security Response Center, which security teams should consult for official patch availability and recommended actions. The current EPSS score for the vulnerability, which is also its peak to date, is 0.5933.

Vulnerability details

Microsoft SharePoint Server Information Disclosure Vulnerability

CWE(s): CWE-611 (Improper Restriction of XML External Entity Reference)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: Microsoft
Product: SharePoint Server
Versions: 2016, 2019 (builds up to and including 16.0.17328.20292)

Mitigating Controls

Likely mitigating controls (AI-derived)

Per-CVE control mapping has not yet run for this CVE; the controls below are derived from the weakness type (CWE) cited in the NVD entry.

Addresses CWE-611: penetration testing that includes XML external entity payloads, detecting XXE vulnerabilities so they can be remediated.

Addresses CWE-611: monitoring for unusual file or network access and resource usage, identifying XML external entity processing.