CVE-2024-49040

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server (affected versions not specified)

Description The issue is related to a spoofing vulnerability in Microsoft Exchange Server, which allows attackers to affect the system. This vulnerability can be exploited to conduct spoofing attacks, making an attacker's email address appear legitimate to the victim. The vulnerability is caused by the current implementation of the P2 FROM header verification. It is particularly useful for spear phishing and other forms of email-based deception. Over 1 million potential targets have been found.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.