Описание
Microsoft Exchange Server Spoofing Vulnerability
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
FAQ
According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), some loss of integrity (I:L) but have no effect on availability (A:N). What is the impact of this vulnerability?
An attacker could spoof incorrect 5322.From email address that is displayed to a user.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2016 Cumulative Update 23 | ||
| Microsoft Exchange Server 2019 Cumulative Update 14 | ||
| Microsoft Exchange Server 2019 Cumulative Update 15 | ||
| Microsoft Exchange Server Subscription Edition RTM |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
Уязвимость почтового сервера Microsoft Exchange Server, связанная с неправильной проверкой синтаксической корректности ввода, позволяющая нарушителю проводить спуфинг-атаки
EPSS
5.3 Medium
CVSS3