An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka “Microsoft Exchange Information Disclosure Vulnerability.” This affects Microsoft Exchange Server.
[
{
"product": "Microsoft Exchange Server",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 3 Update Rollup 25"
},
{
"status": "affected",
"version": "2013 Cumulative Update 21"
},
{
"status": "affected",
"version": "2016 Cumulative Update 10"
},
{
"status": "affected",
"version": "2016 Cumulative Update 11"
},
{
"status": "affected",
"version": "2019"
}
]
}
]