Forum Discussion
CVE-2024-49040: Mitigating a Critical Microsoft Exchange Server Vulnerability
CVE-2024-49040 is a spoofing vulnerability identified in Microsoft Exchange Server versions 2016 and 2019. This flaw allows attackers to forge legitimate sender addresses on incoming emails, potentia...
Can this be used in a hybrid environment to relay attacks through EXO?
I am seeing squiffy sender domains (e.g. intra-domain<space>dept) from outbound.protection.outlook.com servers.