CVE-2017-11761

Опубликовано: 13 сент. 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Microsoft Exchange Server 2013 and Microsoft Exchange Server 2016 allow an input sanitization issue with Microsoft Exchange that could potentially result in unintended Information Disclosure, aka "Microsoft Exchange Information Disclosure Vulnerability"

Ссылки

http://www.securityfocus.com/bid/100731
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039320
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11761
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100731
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039320
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11761
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_16:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_17:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.07988

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-11761

msrc

почти 8 лет назад

Microsoft Exchange Information Disclosure Vulnerability

GHSA-pf3p-qjm3-w7j2