| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2022-24463 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server 2019 | Important | 14-03-2022 |
Technical Information
Brief overview of the risk:
An information disclosure vulnerability in Microsoft Exchange Server can be exploited by an authenticated attacker by sending a specially crafted network call to the target Exchange Server. Parsing this HTTP request could lead to the disclosure of files.
Further information on this vulnerability is available at : CVE-2022-24463
Affected Software
Microsoft Exchange Server 2016 Cumulative Update 21,Microsoft Exchange Server 2019 Cumulative Update 10,
Microsoft Exchange Server 2016 Cumulative Update 22,
Microsoft Exchange Server 2019 Cumulative Update 11