Primary

Context

Microsoft Exchange Server Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability in Microsoft Exchange Server allows unauthorized attackers to disclose sensitive information over a network. This issue arises from the exposure of information to unauthorized actors, potentially allowing them to determine the existence of email addresses on the server.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure, specifically regarding the existence of email addresses on the affected server.

Remediation

Users can apply the security update provided by Microsoft to address this vulnerability. Instructions for downloading the security update are available on the Microsoft Exchange Server Security Update page.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Exchange Server Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Exchange Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating