What is CVE-2019-0588?

CVE-2019-0588 is a vulnerability in Microsoft Exchange Server. Published 2019-01-08.

Is CVE-2019-0588 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Exchange Server

CVE-2019-0588

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microso…

EPSS: 0.012 (79.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Exchange Server — versions 2010 Service Pack 3 Update Rollup 25, 2013 Cumulative Update 21, 2016 Cumulative Update 10

Public proof-of-concept exploits

eeenvik1/scripts_

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588 (x_refsource_CONFIRM)
106437 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-0588?: CVE-2019-0588 is a vulnerability in Microsoft Exchange Server. Published 2019-01-08.
Is CVE-2019-0588 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.