CVE-2017-8621 Information

Description

Microsoft Exchange Server 2010 SP3 Exchange Server 2013 SP3 Exchange Server 2013 CU16 and Exchange Server 2016 CU5 allows an open redirect vulnerability that could lead to spoofing aka \Microsoft Exchange Open Redirect Vulnerability.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

http://www.securityfocus.com/bid/99533 http://www.securitytracker.com/id/1038852 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8621

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1