virus logo FortiClient Vulnerability

Microsoft Exchange CVE-2017-8621 Open Redirect Vulnerability

description-logoDescription

An open redirect vulnerability exists in Microsoft Exchange that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL, and convince the user to click the link. When an authenticated Exchange user clicks the link, the authenticated user's browser session could be redirected to a malicious site that is designed to impersonate a legitimate website. By doing so, the attacker could trick the user and potentially acquire sensitive information, such as the user's credentials.

affected-products-logoAffected Applications

Microsoft Exchange Server 2010 Service Pack 3
Microsoft Exchange Server 2013 Cumulative Update 16
Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2016 Cumulative Update 5

CVE References

CVE-2017-8621

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-8621
ID 36326
Created Jul 11, 2018
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Exchange Server 2010 Service Pack 3 , Microsoft Exchange Server 2013 Cumulative Update 16 , Microsoft Exchange Server 2013 Service Pack 1 , Microsoft Exchange Server 2016 Cumulative Update 5