7.8
CVE-2025-30382
- EPSS 1.41%
- Veröffentlicht 13.05.2025 16:58:43
- Zuletzt bearbeitet 19.05.2025 13:43:36
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft SharePoint Server Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Sharepoint Server SwEditionsubscription Version < 16.0.18526.20286
Microsoft ≫ Sharepoint Server Version2016 SwEditionenterprise
Microsoft ≫ Sharepoint Server Version2019
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.41% | 0.803 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-502 Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.