CVE-2019-0588
Description
An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka Microsoft Exchange Information Disclosure Vulnerability. This affects Microsoft Exchange Server.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
2.042
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Exchange Memory Corruption Vulnerability for Microsoft Exchange Server 2013 (KB4471389) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability for Microsoft Exchange Server 2019, 2016, and 2013 (KB4471389) x64 bases systems | Windows |
| Microsoft Exchange Memory Corruption Vulnerability for Microsoft Exchange Server 2019, 2016, and 2013 (KB4471389) | Windows |
| Microsoft Exchange Information Disclosure Vulnerability for Exchange Server 2010 Service Pack 3 (KB4468742) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability for Microsoft Exchange Server 2019, 2016, and 2013 (KB4471389_CU11) x64 bases systems | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-26011 | Description of the security update for Microsoft Exchange Server 2013 (KB4471389) |
| PATCH-26012 | Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013 (KB4471389) |
| PATCH-26015 | Update Rollup 25 for Exchange Server 2010 Service Pack 3 (KB4468742) |
| PATCH-26013 | Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013 (KB4471389) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234