CNNVD-202509-1257 Information

Sep 09, 2025 cve

CNNVD ID

CNNVD-202509-1257

CVE-2025-54897

  • CNNVD Published: 2025-09-09

Description (Chinese)

Microsoft Office Sharepoint Server是美国微软(Microsoft)公司的一款为企业客户而设计的、基于web的内容管理和协作工具。该软件初始版本以Office组件形式存在,现在也仍然大大依托于Office,以提供企业门户、文档协同等功能为主,之后版本支持将Office、Exchange、Lync、Project和Visio结合起来。 Microsoft Office Sharepoint Server存在代码问题漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2019,Microsoft SharePoint Server Subscription Edition。

Description (English)

Microsoft Office Sharepoint Server is a web-based content management and collaboration tool designed for corporate clients by Microsoft USA. The initial version of the software, which exists in the form of an Office component, is also still heavily dependent on Office, which provides, inter alia, business portals, document synergies, and the subsequent version supports the integration of Office, Exchange, Lync, Project and Visio. Microsoft Office Sharepoint Server has a code breach. The attackers used the loophole to implement the code remotely. The following products and versions have been affected: Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Adition.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

微软

Published

2025-09-09

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54897

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54897

Share on: