CVE-2026-45503

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-45503
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45503
Configurations

No configuration.

History

09 Jun 2026, 23:16

Type Values Removed Values Added
Summary (en) Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. (en) Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

09 Jun 2026, 18:16

Type Values Removed Values Added
Summary (en) Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network. (en) Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.

09 Jun 2026, 17:17

Type Values Removed Values Added
New CVE
Information

Published : 2026-06-09 17:17

Updated : 2026-06-09 23:16

NVD link : CVE-2026-45503

Mitre link : CVE-2026-45503

CVE.ORG link : CVE-2026-45503

JSON object : View

Products Affected

No product.

CWE
CWE-285

Improper Authorization