Описание
Microsoft Exchange Server Spoofing Vulnerability
FAQ
Is there additional information I need to know about or actions to perform after installing the update?
Yes. Please see the information available in Exchange Server non-RFC compliant P2 FROM header detection.
Why are the Exchange Server updates no longer available on the download center?
Microsoft has temporarily paused the rollout of this update. Please see the known issues section of the Exchange Server blog post.
We are working on addressing this issue and we'll update this CVE when it is resolved.
11/27/2024 Update: The known issue has been addressed and the update is now re-released.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2016 Cumulative Update 23 | ||
| Microsoft Exchange Server 2019 Cumulative Update 13 | ||
| Microsoft Exchange Server 2019 Cumulative Update 14 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.5 High
CVSS3
Связанные уязвимости
Microsoft Exchange Server Spoofing Vulnerability
Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки
EPSS
7.5 High
CVSS3