[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Exchange Spoofing Vulnerability - CVE-2018-8153

ID: oval:org.secpod.oval:def:45363Date: (C)2018-05-09   (M)2024-03-26
Class: VULNERABILITYFamily: windows




A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could also redirect the user to a malicious website that could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, an attacker could send a specially crafted email containing a malicious link to a user.

Platform:
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows 8
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Product:
Microsoft Exchange Server 2016
Reference:
CVE-2018-8153
CVE    1
CVE-2018-8153
CPE    3
cpe:/a:microsoft:exchange_server:2016
cpe:/a:microsoft:exchange_server:2016:cu8
cpe:/a:microsoft:exchange_server:2016:cu9

© SecPod Technologies