EUVD-2017-17509

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Microsoft Exchange Server vulnerabilities allow privilege escalation through OWA web request handling.

Reporter	Title	Published	Views	Family All 15
CNVD	Microsoft Exchange Server Cross-Site Scripting Vulnerability (CNVD-2017-15997)	13 Jul 201700:00	–	cnvd
CVE	CVE-2017-8559	11 Jul 201721:00	–	cve
Cvelist	CVE-2017-8559	11 Jul 201721:00	–	cvelist
Microsoft KB	Description of the security update for Microsoft Exchange: July 11, 2017	11 Jul 201707:00	–	mskb
Kaspersky	KLA11845 Multiple vulnerabilities in Microsoft Exchange Server	11 Jul 201700:00	–	kaspersky
Microsoft CVE	Microsoft Exchange Server Elevation of Privilege Vulnerability	11 Jul 201707:00	–	mscve
NVD	CVE-2017-8559	11 Jul 201721:29	–	nvd
OpenVAS	Microsoft Exchange Server Multiple Vulnerabilities (KB4018588)	12 Jul 201700:00	–	openvas
OSV	CVE-2017-8559	11 Jul 201721:29	–	osv
Prion	Cross site scripting	11 Jul 201721:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "52a2d60f-2ec9-36fe-b616-8e36234dc6c3",
        "vendor": {
          "name": "Microsoft Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "c95e19f4-6096-389d-9eb7-0128ddf39f88",
        "product": {
          "name": "Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5."
        },
        "product_version": "Microsoft Exchange"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/99448
securitytracker	www.securitytracker.com/id/1038852
portal	www.portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8559
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 36.1

CVSS 24.3

EPSS0.0092