High severity8.6NVD Advisory· Published Sep 21, 2018· Updated Jun 17, 2026
CVE-2018-16793
CVE-2018-16793
Description
Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2010 SP3 Rollup 18
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/149411/Rollup-18-For-Microsoft-Exchange-Server-2010-SP3-Server-Side-Request-Forgery.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2018/Sep/20nvdExploitMailing ListThird Party Advisory
- seclists.org/bugtraq/2018/Sep/38nvdExploitIssue TrackingMailing ListThird Party Advisory
- www.securityfocus.com/bid/105386nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.