6.5
CVE-2025-53771
- EPSS 99.91%
- Veröffentlicht 20.07.2025 22:16:52
- Zuletzt bearbeitet 14.08.2025 17:29:05
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft SharePoint Server Spoofing Vulnerability
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Sharepoint Server SwEditionsubscription Version < 16.0.18526.20508
Microsoft ≫ Sharepoint Server Version2016 SwEditionenterprise
Microsoft ≫ Sharepoint Server Version2019
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 99.91% | 1 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secure@microsoft.com | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771
https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/