Vulnerability in Microsoft Exchange Server
CVE-2019-0858
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0817.
EPSS: 0.008 (74.2th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Exchange Server — versions 2019
- Microsoft Exchange Server 2013 — versions Cumulative Update 22
- Microsoft Exchange Server 2016 — versions Cumulative Update 11, Cumulative Update 12
- Microsoft Exchange Server 2019 — versions Cumulative Update 1
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0858 (x_refsource_MISC)