Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2017-8621

Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an open redirect vulnerability that could lead to spoofing, aka "Microsoft Exchange Open Redirect Vulnerability".

  • Published: Jul 11, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-8621
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
microsoft / exchange_server 2010-sp3 2010-sp3.x
microsoft / exchange_server 2013-sp1 2013-sp1.x
microsoft / exchange_server 2013-cumulative_update_16 2013-cumulative_update_16.x
microsoft / exchange_server 2016-cumulative_update_5 2016-cumulative_update_5.x