vulnerability

Microsoft Exchange: CVE-2017-11932: Microsoft Exchange Spoofing Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Dec 12, 2017	Aug 10, 2023	Oct 14, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Dec 12, 2017

Added

Aug 10, 2023

Modified

Oct 14, 2025

Description

Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability".

Solutions

microsoft-exchange-exchange_server_2016_CU6-kb4045655microsoft-exchange-exchange_server_2016_CU7-kb4045655

References

BID-102060
CVE-2017-11932
https://attackerkb.com/topics/CVE-2017-11932
CWE-20
URL-https://support.microsoft.com/help/4045655

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today