CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704	Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-49704	US Government Resource
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:sharepoint_server:2016::::enterprise:::
	cpe:2.3:a:microsoft:sharepoint_server:2019:::::::*

History

No history.

Information

Published : 2025-07-08 17:15

Updated : 2025-10-27 17:12

NVD link : CVE-2025-49704

Mitre link : CVE-2025-49704

CVE.ORG link : CVE-2025-49704

JSON object : View

Products Affected

microsoft

sharepoint_server

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2025-49704", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-07-08T17:15:57.867", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-49704", "tags": ["US Government Resource"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/", "tags": ["Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network."}, {"lang": "es", "value": "El control inadecuado de la generaci\u00f3n de c\u00f3digo ('inyecci\u00f3n de c\u00f3digo') en Microsoft Office SharePoint permite que un atacante autorizado ejecute c\u00f3digo a trav\u00e9s de una red."}], "lastModified": "2025-10-27T17:12:33.713", "cisaActionDue": "2025-07-23", "cisaExploitAdd": "2025-07-22", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "F815EF1D-7B60-47BE-9AC2-2548F99F10E4"}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]", "cisaRequiredAction": "Disconnect public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS) to include SharePoint Server 2013 and earlier versions. For supported versions, please follow the mitigations according to CISA (URL listed below in Notes) and vendor instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.", "cisaVulnerabilityName": "Microsoft SharePoint Code Injection Vulnerability"}