ID de Prueba:	1.3.6.1.4.1.25623.1.0.815515
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Exchange Server Multiple Vulnerabilities (KB4509409)
Resumen:	This host is missing an important security; update according to Microsoft KB4509409.
Descripción:	Summary: This host is missing an important security update according to Microsoft KB4509409. Vulnerability Insight: Multiple flaws exist due to: - An error when Exchange allows creation of entities with Display Names having non-printable characters. - An elevation of privilege error in Microsoft Exchange Server. - An error when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. Vulnerability Impact: Successful exploitation will allow attackers to gain the same rights as any other user of the Exchange server, gain access to potentially sensitive information and perform cross-site scripting attacks on affected systems Affected Software/OS: - Microsoft Exchange Server 2016 Cumulative Update 12 - Microsoft Exchange Server 2016 Cumulative Update 13 - Microsoft Exchange Server 2013 Cumulative Update 23 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1136 Common Vulnerability Exposure (CVE) ID: CVE-2019-1084 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1084 Common Vulnerability Exposure (CVE) ID: CVE-2019-1137 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1137
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.