CVE-2019-0588

Summary

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server2010 Service Pack 3 Update Rollup 25affected
MicrosoftMicrosoft Exchange Server2013 Cumulative Update 21affected
MicrosoftMicrosoft Exchange Server2016 Cumulative Update 10affected
MicrosoftMicrosoft Exchange Server2016 Cumulative Update 11affected
MicrosoftMicrosoft Exchange Server2019affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References