CVE-2019-0588

medium

Description

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588

http://www.securityfocus.com/bid/106437

Details

Source: Mitre, NVD

Published: 2019-01-08

Updated: 2020-08-24

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N