Download
| Alert*
|
oval:org.secpod.oval:def:15060
Microsoft Exchange Server 2013 is installed oval:org.secpod.oval:def:55365 The host is missing a security update KB4503028. oval:org.secpod.oval:def:50703 The host is missing an important security update for KB4345836 oval:org.secpod.oval:def:15061 Microsoft Exchange Server 2013 Cumulative Update 1 is installed oval:org.secpod.oval:def:14831 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14832 The host is missing a critical security update according to Microsoft security bulletin, MS13-061. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run cod ... oval:org.secpod.oval:def:14830 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14828 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:15062 Microsoft Exchange Server 2013 Cumulative Update 2 is installed oval:org.secpod.oval:def:15688 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to remote code execution vulnerability. A ... oval:org.secpod.oval:def:16208 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone an OWA xss vulnerability. A flaw is present in the application, which fails to handle a specially crafted data. Successful exploitation could allow attackers to run script in the context of th ... oval:org.secpod.oval:def:16209 The host is missing a critical security update according to Microsoft security bulletin, MS13-105. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:16206 The host is installed with Exchange Server 2010 or Exchange Server 2013 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:16207 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:16205 Microsoft Exchange Server 2013 Cumulative Update 3 is installed oval:org.secpod.oval:def:46095 The host is missing a moderate severity security update for KB4295699 oval:org.secpod.oval:def:21882 Microsoft Exchange Server 2013 SP1 is installed. Microsoft Exchange Server is calendaring software, a mail server and contact manager developed by Microsoft. oval:org.secpod.oval:def:21886 The host is installed with Microsoft Exchange Server 2013 and is prone to a XSS vulnerability. A flaw is present in the application, which does not properly validate input. Successful exploitation could allow attackers to run script in the context of the current user. oval:org.secpod.oval:def:21887 The host is installed with Microsoft Exchange Server 2013 and is prone to an URL redirection vulnerability. A flaw is present in the application, which fails to properly validate redirection tokens. An attacker who successfully exploited this vulnerability could redirect an user to an arbitrary doma ... oval:org.secpod.oval:def:21884 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a token spoofing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted content. Successful exploitation could allow attackers to send email that appears to come from an us ... oval:org.secpod.oval:def:21885 The host is installed with Microsoft Exchange Server 2013 and is prone to a XSS vulnerability. A flaw is present in the application, which does not properly validate input. Successful exploitation could allow attackers to run script in the context of the current user. oval:org.secpod.oval:def:21883 Microsoft Exchange Server 2013 CU 6 is installed. Microsoft Exchange Server is calendaring software, a mail server and contact manager developed by Microsoft. oval:org.secpod.oval:def:21881 The host is missing an important security update according to Microsoft bulletin, MS14-075. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted content, properly validate redirection tokens or improperly validate ... oval:org.secpod.oval:def:23749 The host is installed with Microsoft Exchange Server 2013 or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly sanitize page content in Outlook Web App. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:23748 The host is installed with Microsoft Exchange Server 2013 or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly sanitize page content in Outlook Web App. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:23747 Microsoft Exchange Server 2013 Cumulative Update 7 is installed oval:org.secpod.oval:def:23746 The host is installed with Microsoft Exchange Server 2013 or SP1 and is prone to an OWA modified canary parameter cross site scripting vulnerability. A flaw is present in the application, which fails to properly sanitize page content in Outlook Web App. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:23751 The host is missing an important security update according to Microsoft security bulletin, MS15-026. The update is required to fix multiple OWA xss vulnerabilities. The flaws are present in the application, which fail to properly sanitize page content in Outlook Web App. Successful exploitation coul ... oval:org.secpod.oval:def:23750 The host is installed with Microsoft Exchange Server 2013 or SP1 and is prone to an exchange error message cross site scripting vulnerability. A flaw is present in the application, which fails to properly sanitize page content in Outlook Web App. Successful exploitation could allow attackers to exec ... oval:org.secpod.oval:def:24832 The host is installed with Exchange Server 2013, CU8 or SP1 and is prone to an Exchange Cross-Site request forgery vulnerability. A flaw is present in the application, which fails to properly manage user sessions. Successful exploitation could allow attackers to read content that the attacker is not ... oval:org.secpod.oval:def:24833 The host is installed with Exchange Server 2013 CU8 and is prone to an Exchange HTML injection vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted script to a target site that uses HTML sanitization. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:24834 The host is missing an important secuirity update according to Microsoft security bulletin, MS15-064. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted data. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:24830 Microsoft Exchange Server 2013 Cumulative Update 8 is installed oval:org.secpod.oval:def:24831 The host is installed with Exchange Server 2013, CU8 or SP1 and is prone to an Exchange Server-Side request forgery vulnerability. A flaw is present in the application, which fails to properly manage same-origin policy. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:26527 The host is installed with Exchange Server 2013, CU8, CU9 or SP1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle web requests. Successful exploitation could allow attackers to disclose stacktrace details. oval:org.secpod.oval:def:26529 The host is installed with Exchange Server CU8 or CU9 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attackers to perform HTML injection attacks on affected systems. oval:org.secpod.oval:def:26528 Microsoft Exchange Server 2013 Cumulative Update 9 is installed oval:org.secpod.oval:def:26530 The host is installed with Exchange Server 2013, CU8 or CU9 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attackers to perform HTML injection attacks on affected systems. oval:org.secpod.oval:def:26531 The host is missing an important security update according to Microsoft security bulletin, MS15-103. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:46097 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:46099 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Image Export SDK component. Successful exploitation could allow attackers to exploit the vulnerability over ... oval:org.secpod.oval:def:46098 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:32600 The host is installed with Exchange Server 2013, CU10, or 2016 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks and ... oval:org.secpod.oval:def:32596 Microsoft Exchange Server 2013 Cumulative Update 10 is installed oval:org.secpod.oval:def:32598 The host is installed with Exchange Server 2013, CU10, CU11 or 2016 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attack ... oval:org.secpod.oval:def:32594 The host is missing an important security update according to Microsoft security bulletin, MS16-010. The update is required to fix multiple spoofing vulnerabilities. The flaws are present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vuln ... oval:org.secpod.oval:def:32597 Microsoft Exchange Server 2013 Cumulative Update 11 is installed oval:org.secpod.oval:def:35603 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35604 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35601 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35602 The host is missing an important security update according to Microsoft security bulletin, MS16-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:35600 Microsoft Exchange Server 2013 Cumulative Update 12 is installed. Microsoft Exchange Server is calendaring software, a mail server and contact manager developed by Microsoft. oval:org.secpod.oval:def:35599 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37001 Microsoft Exchange Server 2013 Cumulative Update 13 is installed oval:org.secpod.oval:def:37000 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly parse email messages. Successful exploitation could allow attackers to discover confidential user infor ... oval:org.secpod.oval:def:37004 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to trick the user and potentially acquire sens ... oval:org.secpod.oval:def:37003 The host is missing a critical security update according to Microsoft security bulletin, MS16-108. The update requires to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:39303 Microsoft Exchange Server 2013 Cumulative Update 14 is installed oval:org.secpod.oval:def:40659 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40660 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40663 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40664 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40661 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40662 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40665 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40666 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:39302 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a web request. Successful exploitation could allow attackers to perform script/content injection attacks, an ... oval:org.secpod.oval:def:39305 The host is missing an important security update according to Microsoft security bulletin, MS17-015. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a web request. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:41256 Microsoft Exchange Server 2013 Cumulative Update 16 is installed oval:org.secpod.oval:def:41258 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to acquire sensitive information, such a ... oval:org.secpod.oval:def:41255 The host is missing a moderate severity security update KB4018588 oval:org.secpod.oval:def:41259 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted email message containing a malicious link. Successful exploitation could allow attackers to perform ... oval:org.secpod.oval:def:41260 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted email message containing a malicious link. Successful exploitation could allow attackers to perform ... oval:org.secpod.oval:def:41992 Microsoft Exchange Server 2013 Cumulative Update 17 is installed oval:org.secpod.oval:def:41991 An input sanitization issue exists with Microsoft Exchange Server that could potentially result in unintended Information Disclosure. An attacker who successfully exploited the vulnerability could identify the existence of RFC1918 addresses on the local network from a client on the Internet. An atta ... oval:org.secpod.oval:def:42046 The host is missing an important security update KB4036108 oval:org.secpod.oval:def:43174 Microsoft Exchange Server 2013 Cumulative Update 18 is installed oval:org.secpod.oval:def:43178 The host is missing a security update ADV170023 oval:org.secpod.oval:def:43177 The host is missing an important security update KB4045655 oval:org.secpod.oval:def:44681 Microsoft Exchange Server 2013 Cumulative Update 19 is installed oval:org.secpod.oval:def:44683 An information disclosure vulnerability exists in the way that Microsoft Exchange Server handles URL redirects. If an impacted user is using Microsoft Exchange Outlook Web Access (OWA) Light, the vulnerability could allow an attacker to discover sensitive information that should otherwise not be dis ... oval:org.secpod.oval:def:44684 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly sanitize links presented to users. An attacker who successfully exploited this vulnerability could override the OWA interface with a fake login page and attempt to trick the user into di ... oval:org.secpod.oval:def:44680 The host is missing an important security update KB4073392 oval:org.secpod.oval:def:45359 Microsoft Exchange Server 2013 Cumulative Update 20 is installed oval:org.secpod.oval:def:45358 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system. To exploit the vulnerability, an attacker would send a specially-cr ... oval:org.secpod.oval:def:45365 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:45366 The host is missing an important security update KB4092041 oval:org.secpod.oval:def:45364 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:47095 Microsoft Exchange Server 2013 Cumulative Update 21 is installed oval:org.secpod.oval:def:47100 The host is missing a critical security update KB4340731 oval:org.secpod.oval:def:47094 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:57253 The host is missing an important security update for KB4509409. oval:org.secpod.oval:def:57255 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:82709 The host is missing a critical security update for KB5015321. oval:org.secpod.oval:def:79903 The host is missing an important security update for KB5014260. oval:org.secpod.oval:def:59632 Microsoft Exchange Server 2013 Cumulative Update 23 is installed oval:org.secpod.oval:def:61275 The host is missing an important security update for KB4536988. oval:org.secpod.oval:def:78028 The host is missing an important security update for KB5010324. oval:org.secpod.oval:def:67662 The host is missing an important security update KB4593466 oval:org.secpod.oval:def:49119 The host is installed with Microsoft Exchange Server 2010, 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle authentication requests. Successful exploitation could allow attackers to impersonate any other use ... oval:org.secpod.oval:def:50066 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the PowerShell API. Successful exploitation could allow attackers to view additional details about the ... oval:org.secpod.oval:def:50068 The host is missing an important security update KB4471389 oval:org.secpod.oval:def:54145 The host is missing an important security update KB4487563 oval:org.secpod.oval:def:50611 The host is missing a security update for ADV190007 oval:org.secpod.oval:def:55366 The host is missing a security update for ADV190018. oval:org.secpod.oval:def:54147 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:54148 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:50706 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50707 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50708 The host is missing a security update for ADV190004 oval:org.secpod.oval:def:57254 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server.The attac ... oval:org.secpod.oval:def:59634 The host is missing a critical security update for KB4523171. oval:org.secpod.oval:def:59631 A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the logged in user. Exploitation of this vulnerability requires that a user r ... oval:org.secpod.oval:def:61273 A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which run ... oval:org.secpod.oval:def:61271 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:66023 An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include specially ... oval:org.secpod.oval:def:66025 The host is missing a critical security update KB4581424 oval:org.secpod.oval:def:66893 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66892 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66895 The host is missing an important security update KB4588741 oval:org.secpod.oval:def:66894 The host is installed with Microsoft Exchange Server products and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to cause a denial of service attack. oval:org.secpod.oval:def:67654 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:67655 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:67658 The host is installed with Microsoft Exchange Server products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to obtain sensitive information. oval:org.secpod.oval:def:67657 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:71820 The host is missing a critical security update for KB5003435. oval:org.secpod.oval:def:71817 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:71816 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:71819 The host is installed with Microsoft Exchange Server products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to perform spoofing attacks. oval:org.secpod.oval:def:71818 The host is installed with Microsoft Exchange Server products and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to bypass security features. oval:org.secpod.oval:def:70934 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70935 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70936 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70937 The host is missing a critical security update for KB5001779. oval:org.secpod.oval:def:70931 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:75803 The host is missing an important security update for KB5007409. oval:org.secpod.oval:def:75802 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75801 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:78026 Microsoft Exchange Server Spoofing Vulnerability. An authenticated attacker could make a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server. This could lead to the disclosure of files from the target Exchange ... oval:org.secpod.oval:def:77049 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:75275 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:77052 The host is missing a critical security update for KB5008631. oval:org.secpod.oval:def:77051 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:77050 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:75266 The host is missing an important security update for KBKB5007011. oval:org.secpod.oval:def:87567 The host is missing an important security update for KB5023038 oval:org.secpod.oval:def:87565 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:87563 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:87564 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:82703 The host is installed with Microsoft Exchange Server 2016, 2019 or 2013 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attacker to read targeted email messages. oval:org.secpod.oval:def:79899 Microsoft Exchange Server Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires the attacker to be authenticated to the Exchange Server as a member of a high privileged group. In this case, an attacker with elevated privileges on the Exchange server could gain ... oval:org.secpod.oval:def:82707 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read targeted email messages. oval:org.secpod.oval:def:82706 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:82705 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:82704 The host is installed with Microsoft Exchange Server 2016, 2019 or 2013 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to take control over the mailboxes of all Exchange users. oval:org.secpod.oval:def:86680 The host is missing a critical security update for KB5022188. oval:org.secpod.oval:def:86677 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85403 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85402 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85401 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85516 The host is missing a critical security update for KB5019758. oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... |
