CVE-2026-45501
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk23th percentile - higher than 23% of all known CVEs
Summary
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network. This flaw can be exploited to send unauthorized requests to internal network resources.
Risk Assessment
The risk involves potential privilege escalation and access to sensitive internal data through server request manipulation. An attacker can impersonate other systems, leading to network confidentiality and integrity breaches.
Recommendation
Immediately apply security patches provided by Microsoft for Exchange Server. Additionally, restrict trust in network requests and monitor traffic for suspicious SSRF patterns.
Original NVD description (English source)
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network.

