Home

Description

User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

PUBLISHED Reserved 2025-11-06 | Published 2025-12-09 | Updated 2025-12-11 | Assigner microsoft




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C

Problem types

CWE-451: User Interface (UI) Misrepresentation of Critical Information

Product status

15.02.0.0 (custom) before 15.02.2562.035
affected

15.01.0.0 (custom) before 15.01.2507.063
affected

15.02.0.0 (custom) before 15.02.1748.042
affected

15.02.0.0 (custom) before 15.02.1544.037
affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64667 (Microsoft Exchange Server Spoofing Vulnerability) vendor-advisory

cve.org (CVE-2025-64667)

nvd.nist.gov (CVE-2025-64667)

Download JSON