5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.039 Low
EPSS
Percentile
91.8%
09/08/2015
Warning
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface or obtain sensitive information.
Exchange Server 2013 Cumulative Update 8
Exchange Server 2013 Cumulative Update 9
Exchange Server 2013 Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2015-2544
CVE-2015-2505
CVE-2015-2543
OSI
CVE-2015-25444.3Warning
CVE-2015-25055.0Critical
CVE-2015-25434.3Warning
support.microsoft.com/kb/3087126
support.microsoft.com/kb/3089250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2505
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2544
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2505
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2543
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2544
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/