#VU100312 Spoofing attack in Microsoft Exchange Server - CVE-2024-49040

Cybersecurity Help s.r.o.

Published: 2024-11-12 | Updated: 2025-02-04

Vulnerability identifier: #VU100312

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-49040

CWE-ID: CWE-451

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data. A remote attacker can spoof content of email messages in the Microsoft Exchange client interface.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Microsoft Exchange Server: 2016 Cumulative Update 1 15.01.0396.030 - 2016 CU23 Apr24HU 15.01.2507.039, 2019 Cumulative Update 1 15.02.0330.005 - 2019 RTM 15.02.0221.012

External links
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49040

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Anolis OS update for thunderbird

Spoofing attack in Microsoft Exchange Server