CVE-2019-0858

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server (affected versions not specified)

Description A spoofing issue exists due to improper handling of web requests by Outlook Web Access (OWA) in Microsoft Exchange Server. This could allow a remote attacker to impact the confidentiality and integrity of protected information using a specially crafted link. The attacker could perform script or content injection attacks, trick the user into disclosing sensitive information, or redirect the user to a malicious website that could spoof content. The issue could also be used to chain an attack with other vulnerabilities in web services.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.