KLA10598
Multiple vulnerabilities in Microsoft Exchange Server
Updated: 06/01/2019
Detect date
?
06/09/2015
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Improper same-origin policy handling can be exploited remotely via a specially designed request;
  2. Improper user session management can be exploited remotely via a specially designed web site.
Affected products

Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2013 Cumulative Update 8

Solution

Update to the latest version

Original advisories

Microsoft Security bulletin
CVE-2015-1764
CVE-2015-1771
CVE-2015-2359

Impacts
?
OSI 
[?]

PE 
[?]
Related products
Microsoft Exchange Server
CVE-IDS
?
CVE-2015-17644.3Warning
CVE-2015-17716.8High
CVE-2015-23594.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

3062157