CNNVD-202512-1159 Information
CNNVD ID
CNNVD-202512-1159
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。 Microsoft Exchange Server存在输入验证错误漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Microsoft Exchange Server 2019 Cumulative Update 15,Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server Subscription Edition RTM,Microsoft Exchange Server 2019 Cumulative Update 14。
Description (English)
Microsoft Exchange Server is an e-mail service for Microsoft (MSC) in the United States. It provides e-mail access, storage, forwarding, voice mail and mail filtering. Microsoft Exchange Server has an input authentication bug. The attackers use this loophole to enhance their authority. The following products and versions were affected: Microsoft Exchange Server 2019 Cumulative Update 15, Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server Subscription Application RTM, Microsoft Exchange Server 2019 Cumulative Update 14.
Hazard Level
Medium
Vulnerability Type
输入验证错误
Affected Vendor
微软
Published
2025-12-09
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64666
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64666
Share on: