Download
| Alert*
|
oval:org.secpod.oval:def:57253
The host is missing an important security update for KB4509409. oval:org.secpod.oval:def:57246 Microsoft Exchange Server 2016 Cumulative Update 13 is installed oval:org.secpod.oval:def:57255 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:58503 A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires th ... oval:org.secpod.oval:def:58504 The host is missing an important security update for KB4515832. oval:org.secpod.oval:def:58505 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive informati ... oval:org.secpod.oval:def:57254 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server.The attac ... oval:org.secpod.oval:def:59634 The host is missing a critical security update for KB4523171. oval:org.secpod.oval:def:59631 A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the logged in user. Exploitation of this vulnerability requires that a user r ... oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... |
