Exploit for #VU48853 Information disclosure in Microsoft Exchange Server

Exploit for #VU48853 Information disclosure in Microsoft Exchange Server

Published: 2020-12-14

Vulnerability identifier: #VU48853

Vulnerability risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-17143

CWE-ID: CWE-200

Exploitation vector: Network

Exploits in database: 1

December 14, 2020
- Microsoft Exchange Server OWA OneDriveProUtilities GetWacUrl XML External Entity Processing Information Disclosure Vulnerability [Source Incite]

Impact: Information disclosure

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft