{"dataType": "CVE_RECORD", "containers": {"cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*"], "vendor": "microsoft", "product": "sharepoint_server", "versions": [{"status": "affected", "version": "0", "lessThan": "16.0.18526.20508", "versionType": "custom"}, {"status": "affected", "version": "2016"}, {"status": "affected", "version": "2019"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771", "tags": ["vendor-advisory"]}, {"url": "https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/", "tags": ["x_press/media-coverage"]}], "descriptions": [{"lang": "en", "value": "Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}, {"lang": "es", "value": "La limitación incorrecta de una ruta de acceso a un directorio restringido ('path traversal') en Microsoft Office SharePoint permite que un atacante autorizado realice suplantación de identidad a través de una red."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-287", "description": "CWE-287"}]}], "x_remediations": {"windows": [{"type": "update", "anyOf": ["KB5002753", "KB5002770", "KB5002774", "KB5002798", "KB5002802", "KB5002823", "KB5002836", "KB5002847", "KB5002856"], "products": ["Microsoft SharePoint Server 2019"]}, {"type": "update", "anyOf": ["KB5002754", "KB5002769", "KB5002775", "KB5002796", "KB5002803", "KB5002816", "KB5002825", "KB5002834", "KB5002845", "KB5002854"], "products": ["Microsoft SharePoint Server 2019"]}, {"type": "update", "anyOf": ["KB5002759", "KB5002772", "KB5002777", "KB5002787", "KB5002804", "KB5002827", "KB5002840", "KB5002851", "KB5002862"], "products": ["Microsoft SharePoint Enterprise Server 2016"]}, {"type": "update", "anyOf": ["KB5002760", "KB5002771", "KB5002778", "KB5002788", "KB5002805", "KB5002821", "KB5002828", "KB5002841", "KB5002850", "KB5002861"], "products": ["Microsoft SharePoint Enterprise Server 2016"]}, {"type": "update", "anyOf": ["KB5002768", "KB5002773", "KB5002784", "KB5002786", "KB5002800", "KB5002815", "KB5002822", "KB5002833", "KB5002843", "KB5002853"], "products": ["Microsoft SharePoint Server Subscription Edition"]}]}, "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2025-07-20T23:15:31Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2025-53771", "state": "PUBLISHED", "dateUpdated": "2025-08-14T17:29:05Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-07-20T23:15:31Z", "assignerShortName": "microsoft"}, "dataVersion": "5.0"}