CVE-2024-49040

Published Nov 12, 2024
Last updated 2 days ago
CVSS high 7.5
Overview

Description: Microsoft Exchange Server Spoofing Vulnerability
Source: secure@microsoft.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
secure@microsoft.com: CWE-451
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
Hype score: 1
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8039FBA1-73D4-4FF2-B183-0DCC961CBFF7"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56728785-188C-470A-9692-E6C7235109CA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BE04790-85A2-4078-88CE-1787BC5172E7"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DF5BDB5-205D-4B64-A49A-0152AFCF4A13"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55284CF7-0D04-4216-83FE-4B1F9CA94207"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA2CE223-AA49-49E6-AC32-59270EFF55AD"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4830D6A9-AF74-480C-8F69-8648CD619980"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "079E1E3F-FF25-4B0D-AC98-191D6455A014"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29805EC7-6403-44B9-91EC-109C087E98EB"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28FCA0E8-7D27-4746-9731-91B834CA3E64"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE401B0A-DDE4-4A36-8E27-6DB14E094BE2"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "450319C4-7C8F-43B7-B7F8-80DA4F1F2817"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23015889-48AF-40A5-862F-290E73A54E77"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FC34516-D7E7-4AD9-9B45-5474831548E0"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5211792E-5292-41C0-B7E9-8AA63EC606EE"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "075E907F-AF2F-4C31-86C7-51972BE412A1"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69AF19DC-3D65-49A8-A85F-511085CDF27B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40D8A6DB-9225-4A3F-AD76-192F6CCCF002"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE320413-D2C9-4B28-89BF-361B44A3F0FF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "104F96DC-E280-4E0A-8586-B043B55888C2"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73B3B3FE-7E85-4B86-A983-2C410FFEF4B8"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A9FB275-7F17-48B2-B528-BE89309D2AF5"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4AB3C25-CEA8-4D66-AEE4-953C8B17911A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36CE5C6D-9A04-41F5-AE7C-265779833649"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44ECF39A-1DE1-4870-A494-06A53494338D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71CDF29B-116B-4DE2-AFD0-B62477FF0AEB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
