Skip to main content

Microsoft Exchange Server EUVDEUVD-2026-35679

| CVE-2026-45503 MEDIUM
Improper Authorization (CWE-285)
2026-06-09 secure@microsoft.com GHSA-p44w-fhq3-v2jv
6.5
CVSS 3.1 · NVD
Temporal: 7.1
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
7.1 HIGH
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Severity Changed
Jun 15, 2026 - 19:37 NVD
HIGH MEDIUM
CVSS changed
Jun 15, 2026 - 19:37 NVD
8.1 (HIGH) 6.5 (MEDIUM)
Patch available
Jun 09, 2026 - 19:03 EUVD
Analysis Generated
Jun 09, 2026 - 18:17 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 8.1

DescriptionNVD

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

AnalysisAI

Server-side request forgery in Microsoft Exchange Server allows an authenticated attacker with low privileges to coerce the Exchange server into making arbitrary outbound requests, resulting in disclosure of sensitive information and potential integrity impact across internal network resources. The CVSS 8.1 score reflects the high confidentiality and integrity impact from a network-reachable, low-complexity attack, though no public exploit identified at time of analysis. The vulnerability is tagged as an Authentication Bypass / SSRF, suggesting the SSRF primitive may be leveraged to bypass network-based authentication boundaries (e.g., reaching internal trusted endpoints).

Technical ContextAI

Microsoft Exchange Server is a widely deployed enterprise messaging platform that exposes numerous HTTP-based services (OWA, ECP, EWS, Autodiscover, MAPI/HTTP) which historically have been frequent SSRF vectors due to Exchange's design where the server itself makes back-end calls on behalf of clients. The CWE-285 (Improper Authorization) classification indicates the root cause is a missing or flawed authorization check on a request-issuing function, allowing a low-privileged user to instruct the server to fetch resources it should not be permitted to reach. SSRF in Exchange is particularly dangerous because Exchange servers often hold elevated Active Directory privileges and reside on trusted network segments, making outbound server-initiated requests effective for reaching internal-only endpoints, cloud metadata services in hybrid deployments, or other Exchange-internal endpoints that trust the originating host.

RemediationAI

Patch availability per vendor advisory is implied by the MSRC reference at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45503 - administrators should consult that page for the exact Security Update (SU) and Cumulative Update (CU) build numbers required and apply them via Windows Update or by downloading the SU package and running it elevated, then verifying the Exchange Setup/Recovery completed and services restarted cleanly. As compensating controls while patching is scheduled, restrict outbound HTTP/HTTPS egress from Exchange servers to only required Microsoft endpoints (which limits SSRF blast radius but may break hybrid/Office 365 connectors if over-tightened), require multi-factor authentication on all mailbox accounts to raise the cost of obtaining the low-privileged credential the attack requires, and consider placing OWA/ECP behind a reverse proxy or VPN to reduce the population of attackers who can reach the vulnerable endpoint. Monitor IIS logs on Exchange for anomalous request patterns to ECP/EWS/Autodiscover endpoints from authenticated users.

CVE-2020-17132 CRITICAL POC
9.1 Dec 10

Microsoft Exchange Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remote

CVE-2022-23277 HIGH POC
8.8 Mar 09

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is rem

CVE-2021-42321 HIGH POC
8.8 Nov 10

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is rem

CVE-2020-16875 HIGH POC
8.4 Sep 11

<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet argume

CVE-2021-28481 CRITICAL POC
9.8 Apr 13

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is

CVE-2021-28480 CRITICAL POC
9.8 Apr 13

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is

CVE-2018-0986 HIGH POC
8.8 Apr 04

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a speci

CVE-2018-16793 HIGH POC
8.6 Sep 21

Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parame

CVE-2019-0724 HIGH POC
8.1 Mar 05

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of

CVE-2023-36745 HIGH POC
8.0 Sep 12

Microsoft Exchange Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low

CVE-2013-0418 MEDIUM
6.8 Jan 17

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows

CVE-2021-33766 HIGH POC
7.3 Jul 14

Microsoft Exchange Server Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is re

Share

EUVD-2026-35679 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy