Primary

Context

Microsoft Exchange Server Improper Authorization Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability exists in Microsoft Exchange Server that allows an authorized attacker to improperly disclose information over the network. This issue arises from improper authorization, enabling an authenticated user to access unauthorized data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to email attachments in other users' mailboxes within the same organization.

Remediation

Users can download the security update for this vulnerability through the Microsoft Update Catalog. Specific update details can be found in the Microsoft Knowledge Base articles linked in the product update information.

Added: Jun 9, 2026, 6:38 PM

Updated: Jun 9, 2026, 6:38 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

7.7

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

7.7

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Exchange Server Improper Authorization Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Exchange Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating