Описание
Microsoft Exchange Server Spoofing Vulnerability
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
FAQ
According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) and integrity (I:N), but could lead to some loss of availability (A:L). What does that mean for this vulnerability?
An attacker could spoof incorrect 5322.From email address that is displayed to a user.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2016 Cumulative Update 23 | ||
| Microsoft Exchange Server 2019 Cumulative Update 14 | ||
| Microsoft Exchange Server 2019 Cumulative Update 15 | ||
| Microsoft Exchange Server Subscription Edition RTM |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Уязвимость почтового сервера Microsoft Exchange Server, связанная с неправильной обработкой дополнительного специального элемента, позволяющая нарушителю проводить спуфинг-атаки
EPSS
5.3 Medium
CVSS3