CVE-2024-49040User Interface (UI) Misrepresentation of Critical Information in Microsoft Exchange Server 2016 Cumulative Update 23

CWE-451User Interface (UI) Misrepresentation of Critical Information5 documents4 sources
Severity
7.5HIGHCNA
No vector
EPSS
5.4%
top 9.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Exchange Server 2016 Cumulative Update 23Microsoft Exchange Server 2019 Cumulative Update 13Microsoft Exchange Server 2019 Cumulative Update 14
Timeline
PublishedNov 12
Latest updateFeb 4

Description

Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Spoofing Vulnerability

Affected Packages3 packages

🔴Vulnerability Details

1
CVEList
Microsoft Exchange Server Spoofing Vulnerability2024-11-12

📋Vendor Advisories

4
Red Hat
thunderbird: Address of e-mail sender can be spoofed by malicious email2025-02-04
Microsoft
Microsoft Exchange Server Spoofing Vulnerability2024-11-12
Mozilla
Mozilla Foundation Security Advisory 2025-11: CVE-2024-49040
Mozilla
Mozilla Foundation Security Advisory 2025-10: CVE-2024-49040
CVE-2024-49040 — Microsoft vulnerability | cvebase