CVE Catalog

CVE-2026-45504

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.40%

32th percentile - higher than 32% of all known CVEs

Summary

A server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

Risk Assessment

This vulnerability could allow attackers to gain access to network resources, potentially leading to serious security breaches within the organization.

Recommendation

It is recommended to update Microsoft Exchange Server to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS