CVE-2021-31948

Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Foundation (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is due to insufficient input validation in Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server. This allows a remote attacker to conduct spoofing attacks.

Recommendations For Microsoft SharePoint Server, consider restricting access to sensitive areas of the system until a fix is available. For Microsoft SharePoint Foundation, restrict access to vulnerable modules to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, avoid using vulnerable parameters in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.