This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote Microsoft Exchange server is affected by multiple spoofing
The remote Microsoft Exchange server is missing a security update. It
is, therefore, affected by multiple spoofing vulnerabilities in
Outlook Web Access (OWA) due to a failure to properly handle web
requests. An attacker can exploit these vulnerabilities, via a crafted
email containing a malicious link, to redirect the user to a website
of the attacker's choosing.
See also :
Microsoft has released a set of patches for Exchange 2013 and 2016.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 87895 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now