Test Kennung:	1.3.6.1.4.1.25623.1.0.806108
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Exchange Server information Disclosure Vulnerability (3089250)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS15-103.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-103. Vulnerability Insight: Flaw is due to Microsoft Exchange web applications when Exchange does not properly manage same-origin policy. Vulnerability Impact: Successful exploitation will allow remote attackers to scan and attack systems behind a firewall that are normally inaccessible from the outside world, enumerate and attack services that are running on these host systems and exploit host-based authentication services. Affected Software/OS: - Microsoft Exchange Server 2013 SP1 - Microsoft Exchange Server 2013 Cumulative Update 9 and - Microsoft Exchange Server 2013 Cumulative Update 8 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2505 Microsoft Security Bulletin: MS15-103 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-103 http://www.securitytracker.com/id/1033495 Common Vulnerability Exposure (CVE) ID: CVE-2015-2543 Common Vulnerability Exposure (CVE) ID: CVE-2015-2544
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.