CVE-2018-8153

Опубликовано: 09 мая 2018

Источник: nvd

CVSS3: 5.4

CVSS2: 5.8

EPSS Низкий

Описание

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Spoofing Vulnerability." This affects Microsoft Exchange Server.

Ссылки

http://www.securityfocus.com/bid/104045
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040850
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8153
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104045
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040850
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8153
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00829

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-290

Связанные уязвимости

CVE-2018-8153

msrc

больше 7 лет назад

Microsoft Exchange Spoofing Vulnerability

GHSA-w3vw-mgpx-6mjp