CVE-2017-8758

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server 2016

Description An elevation of privilege issue exists due to the failure of Microsoft Exchange Outlook Web Access (OWA) to properly handle web requests. This could allow an attacker to perform script or content injection attacks, potentially tricking users into disclosing sensitive information. The exploitation of this issue requires a user to click on a maliciously crafted link provided by an attacker.

Recommendations For Microsoft Exchange Server 2016, consider restricting access to OWA until a proper fix is applied, and advise users to avoid clicking on suspicious links from untrusted sources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.