CVE-2019-1266

Summary

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2016Cumulative Update 12affected
MicrosoftMicrosoft Exchange Server 2016Cumulative Update 13affected
MicrosoftMicrosoft Exchange Server 2019Cumulative Update 1affected
MicrosoftMicrosoft Exchange Server 2019Cumulative Update 2affected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

References