Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10982
Privilege escalation vulnerability in Microsoft Exchange Server
Updated: 05/22/2020
Detect date
?
 03/14/2017
Severity
?
 Warning
Description

An improper handling of web requests was found in Microsoft Outlook Web Access. By exploiting this vulnerability malicious users can gain privileges. A successful exploit allows attackers to perform content/script injection attacks, make user disclose sensitive information. This vulnerability can be exploited remotely via a specially designed email containing a malicious link.
Affected products

Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2013 Cumulative Update 14
Microsoft Exchange Server 2016 Cumulative Update 3
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

MS17-015
CVE-2017-0110
Impacts
?
PE 
[?]
Related products
 Microsoft Exchange Server
CVE-IDS
?
CVE-2017-01104.3Warning
Microsoft official advisories
 Microsoft Security Update Guide
KB list

4012178
© 2020 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up