KLA10598
Multiple vulnerabilities in Microsoft Exchange Server
Обновлено: 17/06/2019
Дата обнаружения
09/06/2015
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Improper same-origin policy handling can be exploited remotely via a specially designed request;
  2. Improper user session management can be exploited remotely via a specially designed web site.
Пораженные продукты

Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2013 Cumulative Update 8

Решение

Update to the latest version

Первичный источник обнаружения
Microsoft Security bulletin
CVE-2015-1764
CVE-2015-1771
CVE-2015-2359
Оказываемое влияние
?
OSI 
[?]

PE 
[?]
Связанные продукты
Microsoft Exchange Server
CVE-IDS
CVE-2015-17644.3Warning
CVE-2015-17716.8High
CVE-2015-23594.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

3062157