CVE-2020-0972: 
vulnerability analysis and mitigation

A spoofing vulnerability (CVE-2020-0972) exists in Microsoft SharePoint Server when it fails to properly sanitize specially crafted web requests to an affected SharePoint server. The vulnerability was disclosed and patched on April 14, 2020, affecting multiple versions of SharePoint including SharePoint Enterprise Server 2016, SharePoint Foundation 2010 SP2, SharePoint Foundation 2013 SP1, and SharePoint Server 2019 (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. Under CVSS v2.0, it received a base score of 3.5 (Low) with the vector (AV:N/AC:M/Au:S/C:N/I:P/A:N). The vulnerability requires user interaction and can be exploited remotely with low attack complexity (NVD).

If successfully exploited, this vulnerability could allow an attacker to perform spoofing attacks against the SharePoint server. The impact is rated as having low confidentiality and integrity impact, with no effect on system availability (NVD).

Microsoft has released security updates to address this vulnerability. The fixes are available through Microsoft Update or can be downloaded directly from the Microsoft Update Catalog. For SharePoint Server 2019, the security update KB4484292 should be installed. For SharePoint Enterprise Server 2016, the security update KB4484299 is required (Microsoft Support).