FortiClient VulnerabilityMicrosoft Exchange CVE-2018-0940 Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly sanitize links presented to users. An attacker who successfully exploited this vulnerability could override the OWA interface with a fake login page and attempt to trick the user into disclosing sensitive information.
Affected Applications
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20
Microsoft Exchange Server 2013 Cumulative Update 18
Microsoft Exchange Server 2013 Cumulative Update 19
Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2016 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 8
CVE References
CVE-2018-0940Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2018-0940| ID | 48687 |
| Created | Jul 11, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20 , Microsoft Exchange Server 2013 Cumulative Update 18 , Microsoft Exchange Server 2013 Cumulative Update 19 , Microsoft Exchange Server 2013 Service Pack 1 , Microsoft Exchange Server 2016 Cumulative Update 7 , Microsoft Exchange Server 2016 Cumulative Update 8 |