Download
| Alert*
|
oval:org.secpod.oval:def:61272
Microsoft Exchange Server 2016 Cumulative Update 13 is installed oval:org.secpod.oval:def:61924 Microsoft Exchange Server 2016 Cumulative Update 15 is installed oval:org.secpod.oval:def:61273 A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which run ... oval:org.secpod.oval:def:61925 The host is missing an important security update KB4540123 oval:org.secpod.oval:def:61271 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:61923 A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The atta ... oval:org.secpod.oval:def:61276 The host is missing an important security update for KB4536987. |
