CVE-2019-1266
Description
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka Microsoft Exchange Spoofing Vulnerability.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.382
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Exchange Spoofing Vulnerability For Exchange Server 2016 CU12 (KB4515832) | Windows |
| Microsoft Exchange Spoofing Vulnerability For Exchange Server 2016 CU13 (KB4515832) | Windows |
| Microsoft Exchange Spoofing Vulnerability For Exchange Server 2019 CU1 (KB4515832) | Windows |
| Microsoft Exchange Spoofing Vulnerability For Exchange Server 2019 CU2 (KB4515832) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-27495 | Security Update For Exchange Server 2016 CU12 (KB4515832) |
| PATCH-27496 | Security Update For Exchange Server 2016 CU13 (KB4515832) |
| PATCH-27497 | Security Update For Exchange Server 2019 CU1 (KB4515832) |
| PATCH-27498 | Security Update For Exchange Server 2019 CU2 (KB4515832) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234