Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21762

Summary

A spoofing vulnerability exists in Microsoft Exchange Server, potentially allowing an attacker to impersonate another user and send malicious emails without proper authentication. This can facilitate phishing attacks, where the recipient may be misled into believing they are receiving legitimate communication. Organizations using affected versions of Exchange Server should apply security updates promptly to mitigate the risk of exploitation. For further details, refer to Microsoft's advisory.

News Articles

BornCity

CVE-2023-21745CVE-2023-21762

Exchange Server Security Updates (January 10, 2023)

[German]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 as of January 10, 2023. These security updates close two vulnerabilities (Elevation of Privilege and Spoofing) in this software. These updates should be installed on systems in a t...

References