Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5002397
HistoryMay 09, 2023 - 7:00 a.m.

Description of the security update for SharePoint Enterprise Server 2016: May 9, 2023 (KB5002397)

2023-05-0907:00:00
Microsoft
support.microsoft.com
84
sharepoint
enterprise server 2016
security update
spoofing vulnerability
information disclosure
remote code execution
feature pack 2
sharepoint framework
nonsecurity fix

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.707 High

EPSS

Percentile

98.1%

JSON

Description of the security update for SharePoint Enterprise Server 2016: May 9, 2023 (KB5002397)

Summary

This security update resolves a Microsoft SharePoint Server spoofing vulnerability, Microsoft SharePoint Server information disclosure vulnerability, and Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:​​​​

Notes:

  • This is build 16.0.5395.1000 of the security update package.
  • To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on the computer.

This public update delivers Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 contains the following feature:

  • SharePoint Framework (SPFx)
    This public update also delivers all the features that were included in Feature Pack 1 for SharePoint Server 2016, including:
  • Administrative Actions Logging
  • MinRole enhancements
  • SharePoint Custom Tiles
  • Hybrid Taxonomy
  • OneDrive API for SharePoint on-premises
  • OneDrive for Business modern user experience (available to Software Assurance customers)
    The OneDrive for Business modern user experience requires an active Software Assurance contract at the time that the experience is enabled, either by installation of the public update or by manual enablement. If you don’t have an active Software Assurance contract at the time of enablement, you must turn off the OneDrive for Business modern user experience.For more information, see the following Microsoft Learn articles:
  • New features included in the November 2016 Public Update for SharePoint Server 2016 (Feature Pack 1)
  • New features included in the September 2017 Public Update for SharePoint Server 2016 (Feature Pack 2)

Improvements and fixes

This security update contains an improvement and a fix for the following nonsecurity issue in SharePoint Enterprise Server 2016:

  • Updates SharePoint search to be compatible with versions of the Hybrid Configuration Wizard and cloud hybrid search PowerShell configuration scripts that were released on or after May 9, 2023. Previous versions of the wizard and scripts used the Active Directory Authentication Library (ADAL) and Microsoft Online PowerShell module that will both reach the end of support on June 30, 2023. The new wizard and scripts use the Microsoft Authentication Library (MSAL) and Microsoft Graph PowerShell module that will remain in support after June 30, 2023.
  • Fixes issues in the SharePoint Distributed Cache service that were first introduced in the January 10, 2023, security update for SharePoint Server 2016 (KB 5002338). Those issues include having difficulty connecting to the SharePoint Distributed Cache service if the service is running on servers that are assigned the custom server role, and having difficulty connecting to the Distributed Cache service if it’s running on another server in a multi-server SharePoint farm.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

More information

Security update deployment information

For deployment information about this update, see Deployments - Security Update Guide.

Security update replacement information

This security update replaces previously released security update 5002385.

File hash information

File name SHA256 hash
sts2016-kb5002397-fullfile-x64-glb.exe 9D95857BF4AF28F674C211601E669C946A8ABEA767C8CC1F4A3BF244E1B8EFD5

File information

Download the list of files that are included in security update 5002397.

Information about protection and security

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

Related

mskb 2
nessus 3
zdi 3
kaspersky 1
mscve 3
prion 3
cvelist 3
cve 3
cnvd 1
nvd 3
attackerkb 1
vulnrichment 1
talosblog 1
githubexploit 1
cisa_kev 1
hackread 1
packetstorm 1
thn 3
zdt 1
metasploit 1
hivepro 1
qualysblog 1
rapid7blog 2
avleonov 1
mskb
mskb
Description of the security update for SharePoint Server 2019: May 9, 2023 (KB5002389)
2023-05-09 07:00:00
Description of the security update for SharePoint Server Subscription Edition: May 9, 2023 (KB5002390)
2023-05-09 07:00:00
nessus
nessus
Security Updates for Microsoft SharePoint Server 2019 (May 2023)
2023-05-10 00:00:00
Security Updates for Microsoft SharePoint Server Subscription Edition (May 2023)
2023-05-10 00:00:00
Security Updates for Microsoft SharePoint Server 2016 (May 2023)
2023-05-10 00:00:00
zdi
zdi
(Pwn2Own) Microsoft SharePoint userphoto Information Disclosure Vulnerability
2023-06-16 00:00:00
(Pwn2Own) Microsoft SharePoint GenerateProxyAssembly Code Injection Remote Code Execution Vulnerability
2023-06-16 00:00:00
Microsoft SharePoint AdRotator Improper Input Validation NTLM Relay Vulnerability
2023-05-10 00:00:00
kaspersky
kaspersky
KLA49155 Multiple vulnerabilities in Microsoft Office
2023-05-09 00:00:00
mscve
mscve
Microsoft SharePoint Server Spoofing Vulnerability
2023-05-09 07:00:00
Microsoft SharePoint Server Information Disclosure Vulnerability
2023-05-09 07:00:00
Microsoft SharePoint Server Remote Code Execution Vulnerability
2023-05-09 07:00:00
prion
prion
Spoofing
2023-05-09 18:15:00
Information disclosure
2023-05-09 18:15:00
Remote code execution
2023-05-09 18:15:00
cvelist
cvelist
CVE-2023-24950 Microsoft SharePoint Server Spoofing Vulnerability
2023-05-09 17:03:00
CVE-2023-24954 Microsoft SharePoint Server Information Disclosure Vulnerability
2023-05-09 17:03:01
CVE-2023-24955 Microsoft SharePoint Server Remote Code Execution Vulnerability
2023-05-09 17:03:01
cve
cve
CVE-2023-24950
2023-05-09 18:15:13
CVE-2023-24954
2023-05-09 18:15:13
CVE-2023-24955
2023-05-09 18:15:13
cnvd
cnvd
Microsoft SharePoint Server Spoofing Vulnerability (CNVD-2023-53466)
2023-05-12 00:00:00
nvd
nvd
CVE-2023-24954
2023-05-09 18:15:13
CVE-2023-24955
2023-05-09 18:15:13
CVE-2023-24950
2023-05-09 18:15:13
attackerkb
attackerkb
CVE-2023-24955
2023-05-09 00:00:00
vulnrichment
vulnrichment
CVE-2023-24955 Microsoft SharePoint Server Remote Code Execution Vulnerability
2023-05-09 17:03:01
talosblog
talosblog
Microsoft Patch Tuesday for May 2023 — Fewest vulnerabilities disclosed in a month in three-plus years
2023-05-09 17:47:29
githubexploit
githubexploit
Exploit for Code Injection in Microsoft
2023-12-28 09:08:47
cisa_kev
cisa_kev
Microsoft SharePoint Server Code Injection Vulnerability
2024-03-26 00:00:00
hackread
hackread
CISA Urges Patching Microsoft SharePoint Vulnerability (CVE-2023-24955)
2024-03-28 17:24:22
packetstorm
packetstorm
Sharepoint Dynamic Proxy Generator Remote Command Execution
2024-03-27 00:00:00
thn
thn
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
2024-01-12 06:35:00
CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
2024-03-27 13:15:00
OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
2023-10-02 08:02:00
zdt
zdt
Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit
2024-03-27 00:00:00
metasploit
metasploit
Sharepoint Dynamic Proxy Generator Unauth RCE
2024-01-19 20:22:22
hivepro
hivepro
Active Exploitation of Two Critical Flaws in Microsoft SharePoint
2024-01-15 12:56:34
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 03/29/2024
2024-03-29 18:14:02
Patch Tuesday - May 2023
2023-05-09 20:02:02
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.707 High

EPSS

Percentile

98.1%

JSON
Related for KB5002397
mskb2nessus3zdi3kaspersky1mscve3prion3cvelist3cve3cnvd1nvd3attackerkb1vulnrichment1talosblog1githubexploit1cisa_kev1hackread1packetstorm1thn3zdt1metasploit1hivepro1qualysblog1rapid7blog2avleonov1