ID de Prueba:	1.3.6.1.4.1.25623.1.0.806108
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Exchange Server information Disclosure Vulnerability (3089250)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS15-103.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-103. Vulnerability Insight: Flaw is due to Microsoft Exchange web applications when Exchange does not properly manage same-origin policy. Vulnerability Impact: Successful exploitation will allow remote attackers to scan and attack systems behind a firewall that are normally inaccessible from the outside world, enumerate and attack services that are running on these host systems and exploit host-based authentication services. Affected Software/OS: - Microsoft Exchange Server 2013 SP1 - Microsoft Exchange Server 2013 Cumulative Update 9 and - Microsoft Exchange Server 2013 Cumulative Update 8 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2505 Microsoft Security Bulletin: MS15-103 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-103 http://www.securitytracker.com/id/1033495 Common Vulnerability Exposure (CVE) ID: CVE-2015-2543 Common Vulnerability Exposure (CVE) ID: CVE-2015-2544
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.