Kaspersky LabKLA10658KLA10658 Multiple vulnerabilities in Microsoft Exchange Server
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.039 Low
EPSS
Percentile
91.8%
Detect date:
09/08/2015
Severity:
Warning
Description:
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information.
Affected products:
Exchange Server 2013 Cumulative Update 8
Exchange Server 2013 Cumulative Update 9
Exchange Server 2013 Service Pack 1
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2015-2544
CVE-2015-2505
CVE-2015-2543
Impacts:
OSI
Related products:
CVE-IDS:
CVE-2015-25444.3Warning
CVE-2015-25055.0Critical
CVE-2015-25434.3Warning
Microsoft official advisories:
KB list:
References
support.microsoft.com/kb/3087126
support.microsoft.com/kb/3089250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2505
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2544
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2505
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2543
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2544
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.039 Low
EPSS
Percentile
91.8%