|CVE-2022-24463||Microsoft Exchange Server Spoofing Vulnerability||Microsoft Exchange Server 2019||Important||14-03-2022|
Brief overview of the risk:
An information disclosure vulnerability in Microsoft Exchange Server can be exploited by an authenticated attacker by sending a specially crafted network call to the target Exchange Server. Parsing this HTTP request could lead to the disclosure of files.
Further information on this vulnerability is available at : CVE-2022-24463
Affected SoftwareMicrosoft Exchange Server 2016 Cumulative Update 21,
Microsoft Exchange Server 2019 Cumulative Update 10,
Microsoft Exchange Server 2016 Cumulative Update 22,
Microsoft Exchange Server 2019 Cumulative Update 11