Download
| Alert*
oval:org.secpod.oval:def:32595
Microsoft Exchange Server 2016 is installed oval:org.secpod.oval:def:32601 The host is installed with Exchange Server 2016 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks and attempt to tri ... oval:org.secpod.oval:def:46097 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:46096 The host is missing a moderate severity security update for KB4099852 oval:org.secpod.oval:def:46099 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Image Export SDK component. Successful exploitation could allow attackers to exploit the vulnerability over ... oval:org.secpod.oval:def:46098 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:32599 The host is installed with Exchange Server 2016 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks and attempt to tri ... oval:org.secpod.oval:def:50704 The host is missing an important security update for KB4471392 oval:org.secpod.oval:def:32600 The host is installed with Exchange Server 2013, CU10, or 2016 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks and ... oval:org.secpod.oval:def:32598 The host is installed with Exchange Server 2013, CU10, CU11 or 2016 and is prone to a spoofing vulnerability. A flaw is present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attack ... oval:org.secpod.oval:def:32594 The host is missing an important security update according to Microsoft security bulletin, MS16-010. The update is required to fix multiple spoofing vulnerabilities. The flaws are present in the applications, which fail to properly handle web requests. An attacker who successfully exploited the vuln ... oval:org.secpod.oval:def:35598 Microsoft Exchange Server 2016 Cumulative Update 1 is installed oval:org.secpod.oval:def:35603 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35604 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35601 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35602 The host is missing an important security update according to Microsoft security bulletin, MS16-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:35599 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37000 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly parse email messages. Successful exploitation could allow attackers to discover confidential user infor ... oval:org.secpod.oval:def:37005 The host is installed with Microsoft Exchange Server 2016 and is prone to an escalation of privilege vulnerability. A flaw is present in the application, which fails to properly handle meeting invitation requests. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37004 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to trick the user and potentially acquire sens ... oval:org.secpod.oval:def:37003 The host is missing a critical security update according to Microsoft security bulletin, MS16-108. The update requires to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:37002 Microsoft Exchange Server 2016 Cumulative Update 2 is installed oval:org.secpod.oval:def:40659 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40660 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40663 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40664 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40661 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a cr ... oval:org.secpod.oval:def:40662 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40665 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:40666 The host is installed with Microsoft malware protection engine before 1.1.13804.0 for Microsoft Forefront Security for SharePoint, Windows Defender or Microsoft Security Essentials and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafte ... oval:org.secpod.oval:def:39302 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a web request. Successful exploitation could allow attackers to perform script/content injection attacks, an ... oval:org.secpod.oval:def:39304 Microsoft Exchange Server 2016 Cumulative Update 3 is installed oval:org.secpod.oval:def:39305 The host is missing an important security update according to Microsoft security bulletin, MS17-015. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle a web request. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:41257 Microsoft Exchange Server 2016 Cumulative Update 5 is installed oval:org.secpod.oval:def:41258 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to acquire sensitive information, such a ... oval:org.secpod.oval:def:41255 The host is missing a moderate severity security update KB4018588 oval:org.secpod.oval:def:41259 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted email message containing a malicious link. Successful exploitation could allow attackers to perform ... oval:org.secpod.oval:def:41260 The host is installed with Microsoft Exchange Server 2013 or 2016 and is prone to an cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a crafted email message containing a malicious link. Successful exploitation could allow attackers to perform ... oval:org.secpod.oval:def:41991 An input sanitization issue exists with Microsoft Exchange Server that could potentially result in unintended Information Disclosure. An attacker who successfully exploited the vulnerability could identify the existence of RFC1918 addresses on the local network from a client on the Internet. An atta ... oval:org.secpod.oval:def:42046 The host is missing an important security update KB4036108 oval:org.secpod.oval:def:41994 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive info ... oval:org.secpod.oval:def:41993 Microsoft Exchange Server 2016 Cumulative Update 6 is installed oval:org.secpod.oval:def:43175 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:43178 The host is missing a security update ADV170023 oval:org.secpod.oval:def:43177 The host is missing an important security update KB4045655 oval:org.secpod.oval:def:43176 Microsoft Exchange Server 2016 Cumulative Update 7 is installed oval:org.secpod.oval:def:44683 An information disclosure vulnerability exists in the way that Microsoft Exchange Server handles URL redirects. If an impacted user is using Microsoft Exchange Outlook Web Access (OWA) Light, the vulnerability could allow an attacker to discover sensitive information that should otherwise not be dis ... oval:org.secpod.oval:def:44684 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly sanitize links presented to users. An attacker who successfully exploited this vulnerability could override the OWA interface with a fake login page and attempt to trick the user into di ... oval:org.secpod.oval:def:44685 An information disclosure vulnerability exists in the way that Microsoft Exchange Server handles importing data. If an impacted user is using Microsoft Exchange Outlook Web Access (OWA), the vulnerability could allow an attacker to discover sensitive information that should otherwise not be disclose ... oval:org.secpod.oval:def:44680 The host is missing an important security update KB4073392 oval:org.secpod.oval:def:44682 Microsoft Exchange Server 2016 Cumulative Update 8 is installed oval:org.secpod.oval:def:45358 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system. To exploit the vulnerability, an attacker would send a specially-cr ... oval:org.secpod.oval:def:45360 Microsoft Exchange Server 2016 Cumulative Update 9 is installed oval:org.secpod.oval:def:45365 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:45366 The host is missing an important security update KB4092041 oval:org.secpod.oval:def:45362 An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive info ... oval:org.secpod.oval:def:45363 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:45364 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:47100 The host is missing a critical security update KB4340731 oval:org.secpod.oval:def:47096 Microsoft Exchange Server 2016 Cumulative Update 10 is installed oval:org.secpod.oval:def:47098 A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Exchan ... oval:org.secpod.oval:def:47094 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:49686 Microsoft Exchange Server 2016 Cumulative Update 11 is installed oval:org.secpod.oval:def:49687 The host is missing an important security update KB4468741 oval:org.secpod.oval:def:49685 The host is installed with Microsoft Exchange Server 2016 and is prone to a tampering vulnerability. A flaw is present in the application, which fails to properly handle profile data. Successful exploitation could allow attackers to modify a targeted user's profile data. oval:org.secpod.oval:def:54146 Microsoft Exchange Server 2016 Cumulative Update 12 is installed oval:org.secpod.oval:def:55364 The host is missing a security update KB4503027. oval:org.secpod.oval:def:57246 Microsoft Exchange Server 2016 Cumulative Update 13 is installed oval:org.secpod.oval:def:57253 The host is missing an important security update for KB4509409. oval:org.secpod.oval:def:57255 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:59633 Microsoft Exchange Server 2016 Cumulative Update 14 is installed oval:org.secpod.oval:def:61272 Microsoft Exchange Server 2016 Cumulative Update 13 is installed oval:org.secpod.oval:def:61924 Microsoft Exchange Server 2016 Cumulative Update 15 is installed oval:org.secpod.oval:def:65456 Microsoft Exchange Server 2016 Cumulative Update 17 is installed oval:org.secpod.oval:def:65457 Microsoft Exchange Server 2016 Cumulative Update 16 is installed oval:org.secpod.oval:def:66024 Microsoft Exchange Server 2016 Cumulative Update 18 is installed oval:org.secpod.oval:def:79002 The host is missing an important security update for KB4602269. oval:org.secpod.oval:def:49119 The host is installed with Microsoft Exchange Server 2010, 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle authentication requests. Successful exploitation could allow attackers to impersonate any other use ... oval:org.secpod.oval:def:50066 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the PowerShell API. Successful exploitation could allow attackers to view additional details about the ... oval:org.secpod.oval:def:50067 The host is installed with Microsoft Exchange Server 2016 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the system us ... oval:org.secpod.oval:def:50068 The host is missing an important security update KB4471389 oval:org.secpod.oval:def:54145 The host is missing an important security update KB4487563 oval:org.secpod.oval:def:50611 The host is missing a security update for ADV190007 oval:org.secpod.oval:def:55366 The host is missing a security update for ADV190018. oval:org.secpod.oval:def:54147 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:54148 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:50706 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50707 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50708 The host is missing a security update for ADV190004 oval:org.secpod.oval:def:57254 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server.The attac ... oval:org.secpod.oval:def:58503 A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires th ... oval:org.secpod.oval:def:58504 The host is missing an important security update for KB4515832. oval:org.secpod.oval:def:58505 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive informati ... oval:org.secpod.oval:def:59634 The host is missing a critical security update for KB4523171. oval:org.secpod.oval:def:59631 A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the logged in user. Exploitation of this vulnerability requires that a user r ... oval:org.secpod.oval:def:61925 The host is missing an important security update KB4540123 oval:org.secpod.oval:def:61923 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The atta ... oval:org.secpod.oval:def:61273 A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which run ... oval:org.secpod.oval:def:61271 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:61276 The host is missing an important security update for KB4536987. oval:org.secpod.oval:def:65455 A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated u ... oval:org.secpod.oval:def:65458 The host is missing a critical security update KB4577352 oval:org.secpod.oval:def:66023 An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an attacker could include specially ... oval:org.secpod.oval:def:66025 The host is missing a critical security update KB4581424 oval:org.secpod.oval:def:66893 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66892 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66895 The host is missing an important security update KB4588741 oval:org.secpod.oval:def:66894 The host is installed with Microsoft Exchange Server products and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to cause a denial of service attack. oval:org.secpod.oval:def:67654 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:67656 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:67655 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:67658 The host is installed with Microsoft Exchange Server products and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to obtain sensitive information. oval:org.secpod.oval:def:67657 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:79004 The host is installed with Microsoft Exchange Server products and is prone to a server spoofing execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:67661 The host is missing an important security update KB4593465 oval:org.secpod.oval:def:69019 Microsoft Exchange Server 2016 Cumulative Update 19 is installed oval:org.secpod.oval:def:69018 The host is missing an important security update for KB4602269. oval:org.secpod.oval:def:69021 The host is installed with Microsoft Exchange Server products and is prone to a server spoofing execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:71820 The host is missing a critical security update for KB5003435. oval:org.secpod.oval:def:71817 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:71816 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:71819 The host is installed with Microsoft Exchange Server products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to perform spoofing attacks. oval:org.secpod.oval:def:71818 The host is installed with Microsoft Exchange Server products and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to bypass security features. oval:org.secpod.oval:def:70934 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70935 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70936 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:70937 The host is missing a critical security update for KB5001779. oval:org.secpod.oval:def:70931 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attackers to execute arbitrary code. oval:org.secpod.oval:def:75268 Microsoft Exchange Server 2016 Cumulative Update 22 is installed oval:org.secpod.oval:def:75802 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75801 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75800 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:78025 Microsoft Exchange Server Spoofing Vulnerability. An authenticated attacker could make a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server. This could lead to the disclosure of files from the target Exchange ... oval:org.secpod.oval:def:78026 Microsoft Exchange Server Spoofing Vulnerability. An authenticated attacker could make a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server. This could lead to the disclosure of files from the target Exchange ... oval:org.secpod.oval:def:77049 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:75275 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75274 The host is installed with Microsoft Exchange Server products and is prone to a denial of Service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75273 The host is installed with Microsoft Exchange Server products and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75272 The host is installed with Microsoft Exchange Server products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:75271 The host is missing an important security update for KBKB5007012. oval:org.secpod.oval:def:77051 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:77050 Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability's attack is limited at the protocol level to a logically adjacent topology. This means it cannot simply be done across the internet, but instead needs something specific tied to the target. Good examples would include ... oval:org.secpod.oval:def:75266 The host is missing an important security update for KBKB5007011. oval:org.secpod.oval:def:87565 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:87566 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:87563 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:87564 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle malicious network call. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:82703 The host is installed with Microsoft Exchange Server 2016, 2019 or 2013 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attacker to read targeted email messages. oval:org.secpod.oval:def:79899 Microsoft Exchange Server Elevation of Privilege Vulnerability. Successful exploitation of this vulnerability requires the attacker to be authenticated to the Exchange Server as a member of a high privileged group. In this case, an attacker with elevated privileges on the Exchange server could gain ... oval:org.secpod.oval:def:82702 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attacker to read targeted email messages. oval:org.secpod.oval:def:82707 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to read targeted email messages. oval:org.secpod.oval:def:82706 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:82705 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to unspecified impact. oval:org.secpod.oval:def:82704 The host is installed with Microsoft Exchange Server 2016, 2019 or 2013 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could leads to take control over the mailboxes of all Exchange users. oval:org.secpod.oval:def:86679 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:86678 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:86675 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a server spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:86677 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:86676 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85403 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85402 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85401 The host is installed with Microsoft Exchange Server 2013, 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85400 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to have an unspecified impact. oval:org.secpod.oval:def:85516 The host is missing a critical security update for KB5019758. oval:org.secpod.oval:def:91831 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to an elevation of privileges vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to login as another user successfully. oval:org.secpod.oval:def:91833 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a PowerShell remoting session. Successful exploitation allows an authenticated attacker to gain remote code execution r ... oval:org.secpod.oval:def:91832 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to access a user's Net-NTLMv2 hash which could be used as ... oval:org.secpod.oval:def:91835 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a PowerShell remoting session. Successful exploitation allows an authenticated attacker who is on the same intranet as ... oval:org.secpod.oval:def:91834 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle a PowerShell remoting session. Successful exploitation allows an attacker to access a user's Net-NTLMv2 hash which could be used as ... oval:org.secpod.oval:def:91837 The host is missing an important security update for KB5030524. oval:org.secpod.oval:def:91836 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a network call. Successful exploitation allows an attacker to achieve remote code execution. oval:org.secpod.oval:def:93607 Microsoft Exchange Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:93007 Microsoft Exchange Server Spoofing Vulnerability. oval:org.secpod.oval:def:93008 Microsoft Exchange Server Information Disclosure Vulnerability. oval:org.secpod.oval:def:93005 Microsoft Exchange Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:93006 Microsoft Exchange Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:93004 Microsoft Exchange Server Remote Code Execution Vulnerability. oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... oval:org.secpod.oval:def:97947 The host is installed with Microsoft Exchange Server 2016 or 2019 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle the NTLM client. Successful exploitation could allow attackers to relay a user's leaked Net-NTLMv2 hash against a vul ... |