Forum Discussion
Download Domains - CVE-2021-1730 - issue with missing SAN certificate ?
Hi gents, I have Exchange 2019 with almost recent patch installed Version 15.2 (Build 1544.4) Few months ago I configured required steps to mitigate CVE-2021-1730 and it worked for sure. Now cus...
OK, we have found an issue which is existing wildcard certificate. I did not knew that certificated for *.domain.com is valid for only 1 level, and does not cover deeper subdomains.
Hence having in the URL additional domain level "attachments" such as http://attachments.webmail.domain.com is too much , and it's not covered by current certificate.