Description

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

PUBLISHED Reserved 2025-06-09 | Published 2025-07-08 | Updated 2026-02-26 | Assigner microsoft




MEDIUM: 6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C

CISA Known Exploited Vulnerability

Date added 2025-07-22 | Due date 2025-07-23

Known Ransomware Campaign(s)  

Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

Problem types

CWE-287: Improper Authentication

Product status

16.0.0 (custom) before 16.0.5508.1000
affected

16.0.0 (custom) before 16.0.10417.20027
affected

16.0.0 (custom) before 16.0.18526.20424
affected

References

www.microsoft.com/...on-premises-sharepoint-vulnerabilities/ vendor-advisory

www.cisa.gov/...erabilities-catalog?field_cve=CVE-2025-49706 government-resource

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706 (Microsoft SharePoint Server Spoofing Vulnerability) vendor-advisory patch

cve.org (CVE-2025-49706)

nvd.nist.gov (CVE-2025-49706)
