Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-49040 (GCVE-0-2024-49040)
Vulnerability from cvelistv5
Published
2024-11-12 17:53
Modified
2025-07-08 15:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-451 - User Interface (UI) Misrepresentation of Critical Information
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
| URL | Tags | ||||||
|---|---|---|---|---|---|---|---|
|
|||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 13 |
Version: 15.02.0 < 15.02.1258.039 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49040",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:23:46.078959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:29:52.529Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2019 Cumulative Update 13",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.02.1258.039",
"status": "affected",
"version": "15.02.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2019 Cumulative Update 14",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.02.1544.014",
"status": "affected",
"version": "15.02.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.01.2507.044",
"status": "affected",
"version": "15.01.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_13:*:*:*:*:*:*",
"versionEndExcluding": "15.02.1258.039",
"versionStartIncluding": "15.02.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_14:*:*:*:*:*:*",
"versionEndExcluding": "15.02.1544.014",
"versionStartIncluding": "15.02.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*",
"versionEndExcluding": "15.01.2507.044",
"versionStartIncluding": "15.01.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-11-12T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Exchange Server Spoofing Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-451",
"description": "CWE-451: User Interface (UI) Misrepresentation of Critical Information",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T15:41:22.025Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Exchange Server Spoofing Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
}
],
"title": "Microsoft Exchange Server Spoofing Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-49040",
"datePublished": "2024-11-12T17:53:54.655Z",
"dateReserved": "2024-10-11T20:57:49.186Z",
"dateUpdated": "2025-07-08T15:41:22.025Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-49040\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2024-11-12T18:15:44.410\",\"lastModified\":\"2024-11-16T00:05:03.997\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Exchange Server Spoofing Vulnerability\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de suplantaci\u00f3n de identidad en Microsoft Exchange Server\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-451\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8039FBA1-73D4-4FF2-B183-0DCC961CBFF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"56728785-188C-470A-9692-E6C7235109CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BE04790-85A2-4078-88CE-1787BC5172E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCF101BE-27FD-4E2D-A694-C606BD3D1ED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DF5BDB5-205D-4B64-A49A-0152AFCF4A13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*\",\"matchCriteriaId\":\"55284CF7-0D04-4216-83FE-4B1F9CA94207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2CE223-AA49-49E6-AC32-59270EFF55AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*\",\"matchCriteriaId\":\"4830D6A9-AF74-480C-8F69-8648CD619980\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*\",\"matchCriteriaId\":\"079E1E3F-FF25-4B0D-AC98-191D6455A014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*\",\"matchCriteriaId\":\"29805EC7-6403-44B9-91EC-109C087E98EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*\",\"matchCriteriaId\":\"28FCA0E8-7D27-4746-9731-91B834CA3E64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*\",\"matchCriteriaId\":\"19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE427A4-B0C2-4064-8234-29426325C348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\",\"matchCriteriaId\":\"449CE85B-E599-44D3-A7C1-5133F6A55E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE401B0A-DDE4-4A36-8E27-6DB14E094BE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"450319C4-7C8F-43B7-B7F8-80DA4F1F2817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"23015889-48AF-40A5-862F-290E73A54E77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FC34516-D7E7-4AD9-9B45-5474831548E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5211792E-5292-41C0-B7E9-8AA63EC606EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"075E907F-AF2F-4C31-86C7-51972BE412A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"69AF19DC-3D65-49A8-A85F-511085CDF27B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D8A6DB-9225-4A3F-AD76-192F6CCCF002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"051DE6C4-7456-4C42-BC51-253208AADB4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4185347-EEDD-4239-9AB3-410E2EC89D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"435343A4-BF10-461A-ABF2-D511A5FBDA75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B23C8E3E-5243-4DA6-B9AA-F6053084B55E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE320413-D2C9-4B28-89BF-361B44A3F0FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"104F96DC-E280-4E0A-8586-B043B55888C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B3B3FE-7E85-4B86-A983-2C410FFEF4B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A9FB275-7F17-48B2-B528-BE89309D2AF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4AB3C25-CEA8-4D66-AEE4-953C8B17911A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"36CE5C6D-9A04-41F5-AE7C-265779833649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"44ECF39A-1DE1-4870-A494-06A53494338D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CDF29B-116B-4DE2-AFD0-B62477FF0AEB\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-49040\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:23:46.078959Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:28:48.579Z\"}}], \"cna\": {\"title\": \"Microsoft Exchange Server Spoofing Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 13\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.1258.039\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 14\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.1544.014\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 23\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.01.0\", \"lessThan\": \"15.01.2507.044\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2024-11-12T08:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040\", \"name\": \"Microsoft Exchange Server Spoofing Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft Exchange Server Spoofing Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-451\", \"description\": \"CWE-451: User Interface (UI) Misrepresentation of Critical Information\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_13:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.02.1258.039\", \"versionStartIncluding\": \"15.02.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_14:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.02.1544.014\", \"versionStartIncluding\": \"15.02.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:exchange_server:*:cumulative_update_23:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"15.01.2507.044\", \"versionStartIncluding\": \"15.01.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-07-08T15:41:22.025Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-49040\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-08T15:41:22.025Z\", \"dateReserved\": \"2024-10-11T20:57:49.186Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2024-11-12T17:53:54.655Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ncsc-2024-0438
Vulnerability from csaf_ncscnl
Published
2024-11-12 18:56
Modified
2024-11-12 18:56
Summary
Kwetsbaarheid verholpen in Microsoft Exchange Server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Microsoft heeft een kwetsbaarheid verholpen in Exchange Server.
Interpretaties
De kwetsbaarheid bevindt zich in de wijze waarop Exchange Server omgaat met P2 FROM headers die niet conform RFC zijn opgebouwd. Een kwaadwillende kan de kwetsbaarheid misbruiken om zich voor te doen als een andere gebruiker en uit naam van het slachtoffer e-mails te versturen.
Hoewel de server zelf weinig risico loopt op misbruik, kan een kwetsbare server misbruikt worden voor phishing-campagnes en andere malafide praktijken.
Additioneel aan deze update heeft Microsoft ook handelingsperspectieven gepubliceerd om deze kwetsbaarheid, en potentieel misbruik van misvormde P2 FROM headers, tegen te gaan.
Microsoft geeft aan signalen te hebben ontvangen dat informatie over deze kwetsbaarheid wordt gedeeld binnen diverse groepen.
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Kans
medium
Schade
medium
CWE-641
Improper Restriction of Names for Files and Other Resources
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft een kwetsbaarheid verholpen in Exchange Server.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheid bevindt zich in de wijze waarop Exchange Server omgaat met P2 FROM headers die niet conform RFC zijn opgebouwd. Een kwaadwillende kan de kwetsbaarheid misbruiken om zich voor te doen als een andere gebruiker en uit naam van het slachtoffer e-mails te versturen.\n\nHoewel de server zelf weinig risico loopt op misbruik, kan een kwetsbare server misbruikt worden voor phishing-campagnes en andere malafide praktijken.\n\nAdditioneel aan deze update heeft Microsoft ook handelingsperspectieven gepubliceerd om deze kwetsbaarheid, en potentieel misbruik van misvormde P2 FROM headers, tegen te gaan.\n\nMicrosoft geeft aan signalen te hebben ontvangen dat informatie over deze kwetsbaarheid wordt gedeeld binnen diverse groepen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "medium",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Restriction of Names for Files and Other Resources",
"title": "CWE-641"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheid verholpen in Microsoft Exchange Server",
"tracking": {
"current_release_date": "2024-11-12T18:56:25.729148Z",
"id": "NCSC-2024-0438",
"initial_release_date": "2024-11-12T18:56:25.729148Z",
"revision_history": [
{
"date": "2024-11-12T18:56:25.729148Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "exchange_server",
"product": {
"name": "exchange_server",
"product_id": "CSAFPID-549033",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49040",
"cwe": {
"id": "CWE-451",
"name": "User Interface (UI) Misrepresentation of Critical Information"
},
"notes": [
{
"category": "other",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-49040",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49040.json"
}
],
"title": "CVE-2024-49040"
}
]
}
NCSC-2024-0438
Vulnerability from csaf_ncscnl
Published
2024-11-12 18:56
Modified
2024-11-12 18:56
Summary
Kwetsbaarheid verholpen in Microsoft Exchange Server
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Microsoft heeft een kwetsbaarheid verholpen in Exchange Server.
Interpretaties
De kwetsbaarheid bevindt zich in de wijze waarop Exchange Server omgaat met P2 FROM headers die niet conform RFC zijn opgebouwd. Een kwaadwillende kan de kwetsbaarheid misbruiken om zich voor te doen als een andere gebruiker en uit naam van het slachtoffer e-mails te versturen.
Hoewel de server zelf weinig risico loopt op misbruik, kan een kwetsbare server misbruikt worden voor phishing-campagnes en andere malafide praktijken.
Additioneel aan deze update heeft Microsoft ook handelingsperspectieven gepubliceerd om deze kwetsbaarheid, en potentieel misbruik van misvormde P2 FROM headers, tegen te gaan.
Microsoft geeft aan signalen te hebben ontvangen dat informatie over deze kwetsbaarheid wordt gedeeld binnen diverse groepen.
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Kans
medium
Schade
medium
CWE-641
Improper Restriction of Names for Files and Other Resources
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft een kwetsbaarheid verholpen in Exchange Server.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheid bevindt zich in de wijze waarop Exchange Server omgaat met P2 FROM headers die niet conform RFC zijn opgebouwd. Een kwaadwillende kan de kwetsbaarheid misbruiken om zich voor te doen als een andere gebruiker en uit naam van het slachtoffer e-mails te versturen.\n\nHoewel de server zelf weinig risico loopt op misbruik, kan een kwetsbare server misbruikt worden voor phishing-campagnes en andere malafide praktijken.\n\nAdditioneel aan deze update heeft Microsoft ook handelingsperspectieven gepubliceerd om deze kwetsbaarheid, en potentieel misbruik van misvormde P2 FROM headers, tegen te gaan.\n\nMicrosoft geeft aan signalen te hebben ontvangen dat informatie over deze kwetsbaarheid wordt gedeeld binnen diverse groepen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "medium",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Restriction of Names for Files and Other Resources",
"title": "CWE-641"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheid verholpen in Microsoft Exchange Server",
"tracking": {
"current_release_date": "2024-11-12T18:56:25.729148Z",
"id": "NCSC-2024-0438",
"initial_release_date": "2024-11-12T18:56:25.729148Z",
"revision_history": [
{
"date": "2024-11-12T18:56:25.729148Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "exchange_server",
"product": {
"name": "exchange_server",
"product_id": "CSAFPID-549033",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49040",
"cwe": {
"id": "CWE-451",
"name": "User Interface (UI) Misrepresentation of Critical Information"
},
"notes": [
{
"category": "other",
"text": "User Interface (UI) Misrepresentation of Critical Information",
"title": "CWE-451"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-49040",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49040.json"
}
],
"title": "CVE-2024-49040"
}
]
}
CERTFR-2025-AVI-0097
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Thunderbird ESR | Thunderbird ESR versions antérieures à 128.7 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 128.7 | ||
| Mozilla | Thunderbird ESR | Thunderbird versions antérieures à 115.20 | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 135 | ||
| Mozilla | Firefox | Firefox versions antérieures à 135 | ||
| Mozilla | Firefox ESR | Firefox ESR versions antérieures à 115.20 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Thunderbird ESR versions ant\u00e9rieures \u00e0 128.7",
"product": {
"name": "Thunderbird ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 128.7",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 115.20",
"product": {
"name": "Thunderbird ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 135",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 135",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox ESR versions ant\u00e9rieures \u00e0 115.20",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-49040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49040"
},
{
"name": "CVE-2025-1010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1010"
},
{
"name": "CVE-2025-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1016"
},
{
"name": "CVE-2025-1019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1019"
},
{
"name": "CVE-2025-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1020"
},
{
"name": "CVE-2025-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1011"
},
{
"name": "CVE-2025-1009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1009"
},
{
"name": "CVE-2024-11704",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11704"
},
{
"name": "CVE-2025-1014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1014"
},
{
"name": "CVE-2025-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1013"
},
{
"name": "CVE-2025-1018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1018"
},
{
"name": "CVE-2025-1017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1017"
},
{
"name": "CVE-2025-0510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0510"
},
{
"name": "CVE-2025-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1015"
},
{
"name": "CVE-2025-1012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1012"
}
],
"initial_release_date": "2025-02-05T00:00:00",
"last_revision_date": "2025-02-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0097",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Mozilla. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-08",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08/"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-11",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11/"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-07",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-09",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2025-10",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10/"
}
]
}
CERTFR-2024-AVI-0978
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (GDR) versions antérieures à 14.0.2070.1 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.6 antérieures à 17.6.21 | ||
| Microsoft | N/A | Microsoft SharePoint Server Subscription Edition versions antérieures à 16.0.17928.20238 | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 13 versions antérieures à 15.02.1258.038 | ||
| Microsoft | N/A | Microsoft PC Manager versions antérieures à 3.14.10.0 | ||
| Microsoft | N/A | Greffon Python pour Visual Studio Code versions antérieures à 2024.18.2 | ||
| Microsoft | N/A | Microsoft TorchGeo versions antérieures à 0.6.1 | ||
| Microsoft | N/A | Microsoft SharePoint Server 2019 versions antérieures à 16.0.10416.20000 | ||
| Microsoft | N/A | Microsoft Defender pour Endpoint pour Android versions antérieures à 1.0.7001.0101 | ||
| Microsoft | N/A | Microsoft Defender pour Endpoint pour iOS versions antérieures à 1.1.58140101 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.10 antérieures à 17.10.9 | ||
| Microsoft | N/A | Microsoft SQL Server 2022 pour systèmes x64 (GDR) versions antérieures à 16.0.1135.2 | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (GDR) versions antérieures à 15.0.2130.3 | ||
| Microsoft | N/A | Microsoft Exchange Server 2019 Cumulative Update 14 versions antérieures à 15.02.1544.013 | ||
| Microsoft | N/A | Microsoft SQL Server 2016 pour systèmes x64 Service Pack 3 (GDR) versions antérieures à 13.0.6455.2 | ||
| Microsoft | N/A | Microsoft Exchange Server 2016 Cumulative Update 23 versions antérieures à 15.01.2507.043 | ||
| Microsoft | N/A | Greffon SSH pour Visual Studio Code versions antérieures à 0.115.1 | ||
| Microsoft | N/A | Microsoft SQL Server 2017 pour systèmes x64 (CU 31) versions antérieures à 14.0.3485.1 | ||
| Microsoft | N/A | Microsoft SharePoint Enterprise Server 2016 versions antérieures à 16.0.5474.1001 | ||
| Microsoft | N/A | LightGBM versions antérieures à 4.6.0 | ||
| Microsoft | N/A | Microsoft SQL Server 2022 pour systèmes x64 (CU 15) versions antérieures à 16.0.4155.4 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.8 antérieures à 17.8.16 | ||
| Microsoft | N/A | Microsoft Visual Studio 2022 version 17.11 antérieures à 17.11.6 | ||
| Microsoft | N/A | Microsoft SQL Server 2019 pour systèmes x64 (CU 29) versions antérieures à 15.0.4410.1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 14.0.2070.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.6 ant\u00e9rieures \u00e0 17.6.21",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server Subscription Edition versions ant\u00e9rieures \u00e0 16.0.17928.20238",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 13 versions ant\u00e9rieures \u00e0 15.02.1258.038",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft PC Manager versions ant\u00e9rieures \u00e0 3.14.10.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Greffon Python pour Visual Studio Code versions ant\u00e9rieures \u00e0 2024.18.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft TorchGeo versions ant\u00e9rieures \u00e0 0.6.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Server 2019 versions ant\u00e9rieures \u00e0 16.0.10416.20000",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Defender pour Endpoint pour Android versions ant\u00e9rieures \u00e0 1.0.7001.0101",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Defender pour Endpoint pour iOS versions ant\u00e9rieures \u00e0 1.1.58140101",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.10 ant\u00e9rieures \u00e0 17.10.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2022 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 16.0.1135.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (GDR) versions ant\u00e9rieures \u00e0 15.0.2130.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2019 Cumulative Update 14 versions ant\u00e9rieures \u00e0 15.02.1544.013",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2016 pour syst\u00e8mes x64 Service Pack 3 (GDR) versions ant\u00e9rieures \u00e0 13.0.6455.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Exchange Server 2016 Cumulative Update 23 versions ant\u00e9rieures \u00e0 15.01.2507.043",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Greffon SSH pour Visual Studio Code versions ant\u00e9rieures \u00e0 0.115.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2017 pour syst\u00e8mes x64 (CU 31) versions ant\u00e9rieures \u00e0 14.0.3485.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SharePoint Enterprise Server 2016 versions ant\u00e9rieures \u00e0 16.0.5474.1001",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "LightGBM versions ant\u00e9rieures \u00e0 4.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2022 pour syst\u00e8mes x64 (CU 15) versions ant\u00e9rieures \u00e0 16.0.4155.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.8 ant\u00e9rieures \u00e0 17.8.16",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Visual Studio 2022 version 17.11 ant\u00e9rieures \u00e0 17.11.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft SQL Server 2019 pour syst\u00e8mes x64 (CU 29) versions ant\u00e9rieures \u00e0 15.0.4410.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48997"
},
{
"name": "CVE-2024-49002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49002"
},
{
"name": "CVE-2024-48998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48998"
},
{
"name": "CVE-2024-49050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49050"
},
{
"name": "CVE-2024-48996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48996"
},
{
"name": "CVE-2024-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49013"
},
{
"name": "CVE-2024-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49018"
},
{
"name": "CVE-2024-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49012"
},
{
"name": "CVE-2024-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49006"
},
{
"name": "CVE-2024-48999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48999"
},
{
"name": "CVE-2024-49040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49040"
},
{
"name": "CVE-2024-49010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49010"
},
{
"name": "CVE-2024-43499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43499"
},
{
"name": "CVE-2024-43598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43598"
},
{
"name": "CVE-2024-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49049"
},
{
"name": "CVE-2024-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49011"
},
{
"name": "CVE-2024-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49043"
},
{
"name": "CVE-2024-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49015"
},
{
"name": "CVE-2024-49009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49009"
},
{
"name": "CVE-2024-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49014"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-38255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38255"
},
{
"name": "CVE-2024-49003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49003"
},
{
"name": "CVE-2024-48993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48993"
},
{
"name": "CVE-2024-49008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49008"
},
{
"name": "CVE-2024-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49005"
},
{
"name": "CVE-2024-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49021"
},
{
"name": "CVE-2024-49007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49007"
},
{
"name": "CVE-2024-49051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49051"
},
{
"name": "CVE-2024-49004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49004"
},
{
"name": "CVE-2024-49044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49044"
},
{
"name": "CVE-2024-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49017"
},
{
"name": "CVE-2024-43462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43462"
},
{
"name": "CVE-2024-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48994"
},
{
"name": "CVE-2024-48995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48995"
},
{
"name": "CVE-2024-49001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49001"
},
{
"name": "CVE-2024-49000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49000"
},
{
"name": "CVE-2024-43498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43498"
},
{
"name": "CVE-2024-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49048"
},
{
"name": "CVE-2024-49016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49016"
},
{
"name": "CVE-2024-43459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43459"
}
],
"initial_release_date": "2024-11-13T00:00:00",
"last_revision_date": "2024-11-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0978",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48994",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48994"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49048",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49048"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-43498",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49051",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49051"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49043",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49043"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49014",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49014"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-43462",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43462"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49004",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49004"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49016",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49016"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49010",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49010"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49040",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48998",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48998"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49018",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49018"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49005",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49005"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49050",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49044",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49044"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49000",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49000"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49003",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49003"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49008",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49008"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49009",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49009"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-38255",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38255"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48995",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48995"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49011",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49011"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49013",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49013"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49017",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49017"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49015",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49015"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49012",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49012"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48997",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48997"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48996",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48996"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-43598",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43598"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49001",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49001"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49021"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-43459",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43459"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-43499",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43499"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49007",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49007"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49002",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49002"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49006",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49006"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-49049",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49049"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48999",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48999"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-48993",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-48993"
},
{
"published_at": "2024-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2024-5535",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-5535"
}
]
}
WID-SEC-W-2024-3413
Vulnerability from csaf_certbund
Published
2024-11-12 23:00
Modified
2024-11-12 23:00
Summary
Microsoft Exchange Server: Schwachstelle ermöglicht Spoofing-Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Microsoft Exchange Server ist das Serverprodukt für das Client-Server Groupware- und Nachrichtensystem der Firma Microsoft.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 ausnutzen, um den Benutzer zu täuschen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Exchange Server ist das Serverprodukt f\u00fcr das Client-Server Groupware- und Nachrichtensystem der Firma Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 ausnutzen, um den Benutzer zu t\u00e4uschen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3413 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3413.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3413 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3413"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
}
],
"source_lang": "en-US",
"title": "Microsoft Exchange Server: Schwachstelle erm\u00f6glicht Spoofing-Angriff",
"tracking": {
"current_release_date": "2024-11-12T23:00:00.000+00:00",
"generator": {
"date": "2024-11-13T09:16:23.769+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3413",
"initial_release_date": "2024-11-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Cumulative Update 23",
"product": {
"name": "Microsoft Exchange Server 2016 Cumulative Update 23",
"product_id": "T023152",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2016:cumulative_update_23"
}
}
}
],
"category": "product_name",
"name": "Exchange Server 2016"
},
{
"branches": [
{
"category": "product_version",
"name": "Cumulative Update 13",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 13",
"product_id": "T028109",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2019:cumulative_update_13"
}
}
},
{
"category": "product_version",
"name": "Cumulative Update 14",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 14",
"product_id": "T032780",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2019:cumulative_update_14"
}
}
}
],
"category": "product_name",
"name": "Exchange Server 2019"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49040",
"notes": [
{
"category": "description",
"text": "Es gibt eine Schwachstelle in Microsoft Exchange Server. Diese Schwachstelle besteht aufgrund eines Problems bei der \u00dcberpr\u00fcfung des P2 FROM-Headers beim Transport von E-Mails. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, sodass Clients einen gef\u00e4lschten Absender so anzeigen, als w\u00e4re er legitim."
}
],
"product_status": {
"known_affected": [
"T028109",
"T023152",
"T032780"
]
},
"release_date": "2024-11-12T23:00:00.000+00:00",
"title": "CVE-2024-49040"
}
]
}
wid-sec-w-2024-3413
Vulnerability from csaf_certbund
Published
2024-11-12 23:00
Modified
2024-11-12 23:00
Summary
Microsoft Exchange Server: Schwachstelle ermöglicht Spoofing-Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Microsoft Exchange Server ist das Serverprodukt für das Client-Server Groupware- und Nachrichtensystem der Firma Microsoft.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 ausnutzen, um den Benutzer zu täuschen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Exchange Server ist das Serverprodukt f\u00fcr das Client-Server Groupware- und Nachrichtensystem der Firma Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 ausnutzen, um den Benutzer zu t\u00e4uschen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3413 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3413.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3413 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3413"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
}
],
"source_lang": "en-US",
"title": "Microsoft Exchange Server: Schwachstelle erm\u00f6glicht Spoofing-Angriff",
"tracking": {
"current_release_date": "2024-11-12T23:00:00.000+00:00",
"generator": {
"date": "2024-11-13T09:16:23.769+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3413",
"initial_release_date": "2024-11-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Cumulative Update 23",
"product": {
"name": "Microsoft Exchange Server 2016 Cumulative Update 23",
"product_id": "T023152",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2016:cumulative_update_23"
}
}
}
],
"category": "product_name",
"name": "Exchange Server 2016"
},
{
"branches": [
{
"category": "product_version",
"name": "Cumulative Update 13",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 13",
"product_id": "T028109",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2019:cumulative_update_13"
}
}
},
{
"category": "product_version",
"name": "Cumulative Update 14",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 14",
"product_id": "T032780",
"product_identification_helper": {
"cpe": "cpe:/a:microsoft:exchange_server_2019:cumulative_update_14"
}
}
}
],
"category": "product_name",
"name": "Exchange Server 2019"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49040",
"notes": [
{
"category": "description",
"text": "Es gibt eine Schwachstelle in Microsoft Exchange Server. Diese Schwachstelle besteht aufgrund eines Problems bei der \u00dcberpr\u00fcfung des P2 FROM-Headers beim Transport von E-Mails. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, sodass Clients einen gef\u00e4lschten Absender so anzeigen, als w\u00e4re er legitim."
}
],
"product_status": {
"known_affected": [
"T028109",
"T023152",
"T032780"
]
},
"release_date": "2024-11-12T23:00:00.000+00:00",
"title": "CVE-2024-49040"
}
]
}
wid-sec-w-2025-0262
Vulnerability from csaf_certbund
Published
2025-02-04 23:00
Modified
2025-09-17 22:00
Summary
Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Thunderbird ist ein Open Source E-Mail Client.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen oder Spoofing-Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Firefox ist ein Open Source Web Browser.\r\nESR ist die Variante mit verl\u00e4ngertem Support.\r\nThunderbird ist ein Open Source E-Mail Client.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen oder Spoofing-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0262 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0262.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0262 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0262"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2025-02-04",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2025-02-04",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-08/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2025-02-04",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2025-02-04",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10/"
},
{
"category": "external",
"summary": "Mozilla Foundation Security Advisory vom 2025-02-04",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-11/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1066 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1066"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1066 vom 2025-02-06",
"url": "https://linux.oracle.com/errata/ELSA-2025-1066.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5858 vom 2025-02-05",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00020.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1135 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1135"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1136 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1136"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1137 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1137"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1138 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1138"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1132 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1132"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1133 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1133"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1139 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1139"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1140 vom 2025-02-06",
"url": "https://access.redhat.com/errata/RHSA-2025:1140"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14731-1 vom 2025-02-06",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MP4SZWYCKRN2DG7QYUK64Y4TXD7ABUH5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0374-1 vom 2025-02-06",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020274.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14730-1 vom 2025-02-06",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YKL4Q4JIJAFIP47G3Y7MQZ2RNDDMCC33/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5860 vom 2025-02-07",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1184 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1184"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4045 vom 2025-02-07",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00006.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4044 vom 2025-02-07",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00005.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0391-1 vom 2025-02-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020295.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7263-1 vom 2025-02-11",
"url": "https://ubuntu.com/security/notices/USN-7263-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1184 vom 2025-02-10",
"url": "http://linux.oracle.com/errata/ELSA-2025-1184.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0405-1 vom 2025-02-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020302.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1184 vom 2025-02-10",
"url": "https://oss.oracle.com/pipermail/el-errata/2025-February/017147.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1184 vom 2025-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-1184.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1283 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1283"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1292 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1292"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1317 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1317"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1318 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1318"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1319 vom 2025-02-11",
"url": "https://access.redhat.com/errata/RHSA-2025:1319"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1341 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1341"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1340 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1340"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1339 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1339"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1348 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1348"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1283 vom 2025-02-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-1283.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1292 vom 2025-02-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-1292.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-1132 vom 2025-02-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-1132.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:1283 vom 2025-02-13",
"url": "https://errata.build.resf.org/RLSA-2025:1283"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2765 vom 2025-02-25",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2765.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASFIREFOX-2025-034 vom 2025-02-25",
"url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2025-034.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASFIREFOX-2025-035 vom 2025-03-01",
"url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2025-035.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2789 vom 2025-03-07",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2789.html"
},
{
"category": "external",
"summary": "IGEL Product Security Information",
"url": "https://kb.igel.com/security-safety/current/isn-2025-09-firefox-esr-vulnerabilities"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202505-03 vom 2025-05-12",
"url": "https://security.gentoo.org/glsa/202505-03"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202509-02 vom 2025-09-18",
"url": "https://security.gentoo.org/glsa/202509-02"
}
],
"source_lang": "en-US",
"title": "Mozilla Firefox und Thunderbird: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-09-17T22:00:00.000+00:00",
"generator": {
"date": "2025-09-18T07:17:12.193+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0262",
"initial_release_date": "2025-02-04T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-02-05T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Oracle Linux und Debian aufgenommen"
},
{
"date": "2025-02-06T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE und SUSE aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian und Red Hat aufgenommen"
},
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu, Oracle Linux und SUSE aufgenommen"
},
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-12T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-02-25T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-03-02T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-03-09T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-05-11T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Gentoo aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c135",
"product": {
"name": "Mozilla Firefox \u003c135",
"product_id": "T040793"
}
},
{
"category": "product_version",
"name": "135",
"product": {
"name": "Mozilla Firefox 135",
"product_id": "T040793-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox:135"
}
}
}
],
"category": "product_name",
"name": "Firefox"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c115.20",
"product": {
"name": "Mozilla Firefox ESR \u003c115.20",
"product_id": "T040794"
}
},
{
"category": "product_version",
"name": "115.2",
"product": {
"name": "Mozilla Firefox ESR 115.20",
"product_id": "T040794-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:115.20"
}
}
},
{
"category": "product_version_range",
"name": "\u003c128.7",
"product": {
"name": "Mozilla Firefox ESR \u003c128.7",
"product_id": "T040795"
}
},
{
"category": "product_version",
"name": "128.7",
"product": {
"name": "Mozilla Firefox ESR 128.7",
"product_id": "T040795-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:firefox_esr:128.7"
}
}
}
],
"category": "product_name",
"name": "Firefox ESR"
},
{
"branches": [
{
"category": "product_version_range",
"name": "ESR \u003c128.7",
"product": {
"name": "Mozilla Thunderbird ESR \u003c128.7",
"product_id": "T040796"
}
},
{
"category": "product_version",
"name": "ESR 128.7",
"product": {
"name": "Mozilla Thunderbird ESR 128.7",
"product_id": "T040796-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:esr__128.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c135",
"product": {
"name": "Mozilla Thunderbird \u003c135",
"product_id": "T040797"
}
},
{
"category": "product_version",
"name": "135",
"product": {
"name": "Mozilla Thunderbird 135",
"product_id": "T040797-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mozilla:thunderbird:135"
}
}
}
],
"category": "product_name",
"name": "Thunderbird"
}
],
"category": "vendor",
"name": "Mozilla"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11704",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2024-11704"
},
{
"cve": "CVE-2024-49040",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2024-49040"
},
{
"cve": "CVE-2025-0510",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-0510"
},
{
"cve": "CVE-2025-1009",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1009"
},
{
"cve": "CVE-2025-1010",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1010"
},
{
"cve": "CVE-2025-1011",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1011"
},
{
"cve": "CVE-2025-1012",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1012"
},
{
"cve": "CVE-2025-1013",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1013"
},
{
"cve": "CVE-2025-1014",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1014"
},
{
"cve": "CVE-2025-1015",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1015"
},
{
"cve": "CVE-2025-1016",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1016"
},
{
"cve": "CVE-2025-1017",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1017"
},
{
"cve": "CVE-2025-1018",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1018"
},
{
"cve": "CVE-2025-1019",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1019"
},
{
"cve": "CVE-2025-1020",
"product_status": {
"known_affected": [
"67646",
"T002977",
"T012167",
"T004914",
"T032255",
"2951",
"T002207",
"T017865",
"T000126",
"T027843",
"398363",
"T040797",
"T040796",
"T040795",
"T040794",
"T040793"
]
},
"release_date": "2025-02-04T23:00:00.000+00:00",
"title": "CVE-2025-1020"
}
]
}
cnvd-2024-45320
Vulnerability from cnvd
Title
Microsoft Exchange Server欺骗漏洞(CNVD-2024-45320)
Description
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。
Microsoft Exchange Server存在欺骗漏洞,攻击者可利用该漏洞执行欺骗攻击。
Severity
高
VLAI Severity ?
Patch Name
Microsoft Exchange Server欺骗漏洞(CNVD-2024-45320)的补丁
Patch Description
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。
Microsoft Exchange Server存在欺骗漏洞,攻击者可利用该漏洞执行欺骗攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040
Reference
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040
Impacted products
| Name | ['Microsoft Exchange Server 2016 Cumulative Update 23', 'Microsoft Exchange Server 2019 Cumulative Update 13', 'Microsoft Exchange Server 2019 Cumulative Update 14'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-49040",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-49040"
}
},
"description": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\u3002\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\n\nMicrosoft Exchange Server\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u6b3a\u9a97\u653b\u51fb\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-45320",
"openTime": "2024-11-22",
"patchDescription": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\u3002\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Exchange Server\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u6b3a\u9a97\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Microsoft Exchange Server\u6b3a\u9a97\u6f0f\u6d1e\uff08CNVD-2024-45320\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Microsoft Exchange Server 2016 Cumulative Update 23",
"Microsoft Exchange Server 2019 Cumulative Update 13",
"Microsoft Exchange Server 2019 Cumulative Update 14"
]
},
"referenceLink": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040",
"serverity": "\u9ad8",
"submitTime": "2024-11-15",
"title": "Microsoft Exchange Server\u6b3a\u9a97\u6f0f\u6d1e\uff08CNVD-2024-45320\uff09"
}
fkie_cve-2024-49040
Vulnerability from fkie_nvd
Published
2024-11-12 18:15
Modified
2024-11-16 00:05
Severity ?
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2016 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 | |
| microsoft | exchange_server | 2019 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*",
"matchCriteriaId": "8039FBA1-73D4-4FF2-B183-0DCC961CBFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*",
"matchCriteriaId": "56728785-188C-470A-9692-E6C7235109CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*",
"matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*",
"matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*",
"matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*",
"matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*",
"matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*",
"matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*",
"matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*",
"matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*",
"matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*",
"matchCriteriaId": "996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*",
"matchCriteriaId": "19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*",
"matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*",
"matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*",
"matchCriteriaId": "FE401B0A-DDE4-4A36-8E27-6DB14E094BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*",
"matchCriteriaId": "450319C4-7C8F-43B7-B7F8-80DA4F1F2817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*",
"matchCriteriaId": "23015889-48AF-40A5-862F-290E73A54E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*",
"matchCriteriaId": "4FC34516-D7E7-4AD9-9B45-5474831548E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "5211792E-5292-41C0-B7E9-8AA63EC606EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*",
"matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*",
"matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*",
"matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*",
"matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*",
"matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*",
"matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*",
"matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*",
"matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*",
"matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*",
"matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*",
"matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*",
"matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*",
"matchCriteriaId": "71CDF29B-116B-4DE2-AFD0-B62477FF0AEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Spoofing Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de suplantaci\u00f3n de identidad en Microsoft Exchange Server"
}
],
"id": "CVE-2024-49040",
"lastModified": "2024-11-16T00:05:03.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secure@microsoft.com",
"type": "Primary"
}
]
},
"published": "2024-11-12T18:15:44.410",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-451"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-7xx8-v929-wp8r
Vulnerability from github
Published
2024-11-12 18:30
Modified
2024-11-12 18:30
Severity ?
VLAI Severity ?
Details
Microsoft Exchange Server Spoofing Vulnerability
{
"affected": [],
"aliases": [
"CVE-2024-49040"
],
"database_specific": {
"cwe_ids": [
"CWE-451"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T18:15:44Z",
"severity": "HIGH"
},
"details": "Microsoft Exchange Server Spoofing Vulnerability",
"id": "GHSA-7xx8-v929-wp8r",
"modified": "2024-11-12T18:30:59Z",
"published": "2024-11-12T18:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49040"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
msrc_cve-2024-49040
Vulnerability from csaf_microsoft
Published
2024-11-12 08:00
Modified
2024-11-27 08:00
Summary
Microsoft Exchange Server Spoofing Vulnerability
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action
Required. The vulnerability documented by this CVE requires customer action to resolve.
{
"document": {
"acknowledgments": [
{
"names": [
"\u003ca href=\"https://x.com/slonser_\"\u003eSlonser\u003c/a\u003e with \u003ca href=\"https://solidlab.ru/\"\u003eSolidlab\u003c/a\u003e"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
},
{
"category": "self",
"summary": "CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2024/msrc_cve-2024-49040.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Microsoft Exchange Server Spoofing Vulnerability",
"tracking": {
"current_release_date": "2024-11-27T08:00:00.000Z",
"generator": {
"date": "2025-07-10T21:42:55.222Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-49040",
"initial_release_date": "2024-11-12T08:00:00.000Z",
"revision_history": [
{
"date": "2024-11-12T08:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-11-14T08:00:00.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Added an FAQ to indicated that we have temporarily paused the rollout of this update. Please see the Exchange Server [Blog entry](https://techcommunity.microsoft.com/blog/exchange/released-november-2024-exchange-server-security-updates/4293125) for more information."
},
{
"date": "2024-11-27T08:00:00.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Microsoft has addressed the known issue in the November 12, 2024 security update. We strongly recommend installing the new security update identified by KB5049233. Please see the [Exchange Server blog post](https://techcommunity.microsoft.com/blog/exchange/released-november-2024-exchange-server-security-updates/4293125) for more information."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.02.1258.039",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 13 \u003c15.02.1258.039",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "15.02.1258.039",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 13 15.02.1258.039",
"product_id": "12191"
}
}
],
"category": "product_name",
"name": "Microsoft Exchange Server 2019 Cumulative Update 13"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.02.1544.014",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 14 \u003c15.02.1544.014",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "15.02.1544.014",
"product": {
"name": "Microsoft Exchange Server 2019 Cumulative Update 14 15.02.1544.014",
"product_id": "12293"
}
}
],
"category": "product_name",
"name": "Microsoft Exchange Server 2019 Cumulative Update 14"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c15.01.2507.044",
"product": {
"name": "Microsoft Exchange Server 2016 Cumulative Update 23 \u003c15.01.2507.044",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "15.01.2507.044",
"product": {
"name": "Microsoft Exchange Server 2016 Cumulative Update 23 15.01.2507.044",
"product_id": "12039"
}
}
],
"category": "product_name",
"name": "Microsoft Exchange Server 2016 Cumulative Update 23"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-49040",
"cwe": {
"id": "CWE-451",
"name": "User Interface (UI) Misrepresentation of Critical Information"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "Yes. Please see the information available in Exchange Server non-RFC compliant P2 FROM header detection.",
"title": "Is there additional information I need to know about or actions to perform after installing the update?"
},
{
"category": "faq",
"text": "Microsoft has temporarily paused the rollout of this update. Please see the known issues section of the Exchange Server blog post.\nWe are working on addressing this issue and we\u0027ll update this CVE when it is resolved.",
"title": "Why are the Exchange Server updates no longer available on the download center?"
}
],
"product_status": {
"fixed": [
"12039",
"12191",
"12293"
],
"known_affected": [
"1",
"2",
"3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040"
},
{
"category": "self",
"summary": "CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2024/msrc_cve-2024-49040.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-12T08:00:00.000Z",
"details": "15.02.1258.039:Security Update:https://support.microsoft.com/help/5049233",
"product_ids": [
"2"
],
"url": "https://support.microsoft.com/help/5049233"
},
{
"category": "vendor_fix",
"date": "2024-11-12T08:00:00.000Z",
"details": "15.02.1544.014:Security Update:https://support.microsoft.com/help/5049233",
"product_ids": [
"1"
],
"url": "https://support.microsoft.com/help/5049233"
},
{
"category": "vendor_fix",
"date": "2024-11-12T08:00:00.000Z",
"details": "15.01.2507.044:Security Update:https://support.microsoft.com/help/5049233",
"product_ids": [
"3"
],
"url": "https://support.microsoft.com/help/5049233"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.7,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Spoofing"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation More Likely"
}
],
"title": "Microsoft Exchange Server Spoofing Vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…