Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an open redirect vulnerability that could lead to spoofing, aka "Microsoft Exchange Open Redirect Vulnerability".
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8621 | Patch Vendor Advisory |
http://www.securitytracker.com/id/1038852 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/99533 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-07-11 14:29
Updated : 2017-07-17 11:48
NVD link : CVE-2017-8621
Mitre link : CVE-2017-8621
JSON object : View
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
microsoft
- exchange_server