Spoofing Vulnerability in Microsoft Office SharePoint
CVE-2025-49706

6.3MEDIUM

What is CVE-2025-49706?

An improper authentication vulnerability in Microsoft Office SharePoint allows a potentially authorized attacker to exploit network communications, enabling spoofing attacks. This unauthorized manipulation could lead to a compromise of sensitive data and system integrity, highlighting the need for immediate security measures and patching.

Affected Version(s)

Microsoft SharePoint Enterprise Server 2016 x64-based Systems 16.0.0 < 16.0.5508.1000

Microsoft SharePoint Server 2019 x64-based Systems 16.0.0 < 16.0.10417.20027

Microsoft SharePoint Server Subscription Edition x64-based Systems 16.0.0 < 16.0.18526.20424

References

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-49706 : Spoofing Vulnerability in Microsoft Office SharePoint