CVE-2025-33051

Опубликовано: 12 авг. 2025

Источник: msrc

CVSS3: 7.5

EPSS Низкий

Описание

Microsoft Exchange Server Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.

FAQ

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is whether an email address exists on the server or not.

Обновления

Продукт	Статья	Обновление
Microsoft Exchange Server 2016 Cumulative Update 23	5063223	Security Update
Microsoft Exchange Server 2019 Cumulative Update 14	5063222	Security Update
Microsoft Exchange Server 2019 Cumulative Update 15	5063221	Security Update
Microsoft Exchange Server Subscription Edition RTM	5063224	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 21%

0.00068

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2025-33051

CVSS3: 7.5

nvd

9 дней назад

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.

GHSA-g2pc-4mv5-44c7

CVSS3: 7.5

github

9 дней назад

Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.

EPSS

Процентиль: 21%

0.00068

Низкий

7.5 High

CVSS3