CVE-2015-1631 — Improper Access Control in Microsoft Exchange Server

CWE-284 — Improper Access Control3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
8.6%
top 7.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Exchange Server
Timeline
PublishedMar 11
Latest updateMay 14

Description

Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka "Exchange Forged Meeting Request Spoofing Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-7v6c-mcrv-7h8f: Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka "Exchange↗2022-05-14
â–¶
CVEList
CVE-2015-1631: Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka "Exchange↗2015-03-11
â–¶
CVE-2015-1631 — Improper Access Control in Microsoft | cvebase