Description
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Published: 2026-04-14
Score: 6.5 Medium
EPSS: 1.2% Low
KEV: Yes
Impact: Network impersonation enabling unauthorized access
Action: Patch Promptly
AI Analysis

Impact

Improper input validation within Microsoft Office SharePoint Server allows an attacker to spoof identities over the network. This flaw can lead to unauthorized authentication, letting a malicious actor impersonate legitimate users or services and potentially gain access to sensitive content or functionalities. It is a classic input validation flaw (CWE‑20).

Affected Systems

The vulnerability affects Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, and Microsoft SharePoint Server Subscription Edition. The advisory does not specify limited versions, indicating that all current releases of these products may be vulnerable.

Risk and Exploitability

The CVSS score of 6.5 reflects moderate severity, yet the flaw is listed in the CISA Known Exploited Vulnerabilities catalog, meaning it has already been exploited in the wild. The EPSS score is 1%, indicating a low but nonzero probability of exploitation. The likely attack vector is network‑based spoofing, where an unauthenticated attacker crafts input to the SharePoint services to impersonate valid identities.

Generated by OpenCVE AI on April 15, 2026 at 14:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Microsoft security update for CVE‑2026‑32201 as documented in the Microsoft Security Update Guide.
  • Restart the SharePoint services or reboot the servers if required by the update.
  • Monitor authentication logs for signs of spoofing attempts and confirm that identity resolution is functioning correctly.

Generated by OpenCVE AI on April 15, 2026 at 14:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft sharepoint Server Subscription Edition
Vendors & Products Microsoft sharepoint Server Subscription Edition

Tue, 14 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*

Tue, 14 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 14 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2026-04-14T00:00:00+00:00', 'dueDate': '2026-04-28T00:00:00+00:00'}

Tue, 14 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Title Microsoft SharePoint Server Spoofing Vulnerability
First Time appeared Microsoft
Microsoft sharepoint Server
Microsoft sharepoint Server 2016
Microsoft sharepoint Server 2019
Weaknesses CWE-20
CPEs cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*
cpe:2.3:a:microsoft:sharepoint_server_2016:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:microsoft:sharepoint_server_2019:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft sharepoint Server
Microsoft sharepoint Server 2016
Microsoft sharepoint Server 2019
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:F/RL:O/RC:C'}

Subscriptions

Microsoft Sharepoint Server Sharepoint Server 2016 Sharepoint Server 2019 Sharepoint Server Subscription Edition
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-15T21:55:25.450Z

Reserved: 2026-03-11T01:49:58.658Z

Link: CVE-2026-32201

cve-icon Vulnrichment

Updated: 2026-04-14T17:26:37.680Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-14T18:17:27.160

Modified: 2026-04-14T19:37:08.297

Link: CVE-2026-32201

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T15:15:06Z

Weaknesses