{"api_version":"1","generated_at":"2026-06-24T20:35:20+00:00","cve":"CVE-2025-64667","urls":{"html":"https://cve.report/CVE-2025-64667","api":"https://cve.report/api/cve/CVE-2025-64667.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-64667","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-64667"},"summary":{"title":"Microsoft Exchange Server Spoofing Vulnerability","description":"User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.","state":"PUBLISHED","assigner":"microsoft","published_at":"2025-12-09 18:16:06","updated_at":"2026-06-15 19:16:23"},"problem_types":["CWE-451","CWE-451 CWE-451: User Interface (UI) Misrepresentation of Critical Information"],"metrics":[{"version":"3.1","source":"secure@microsoft.com","type":"Secondary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C","data":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C","version":"3.1"}}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64667","name":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64667","refsource":"secure@microsoft.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-64667","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-64667","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Microsoft","product":"Microsoft Exchange Server 2016 Cumulative Update 23","version":"affected 15.01.0.0 15.01.2507.063 custom","platforms":["x64-based Systems"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 14","version":"affected 15.02.0.0 15.02.1544.037 custom","platforms":["x64-based Systems"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 15","version":"affected 15.02.0.0 15.02.1748.042 custom","platforms":["x64-based Systems"]},{"source":"CNA","vendor":"Microsoft","product":"Microsoft Exchange Server Subscription Edition RTM","version":"affected 15.02.0.0 15.02.2562.035 custom","platforms":["x64-based Systems"]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_10","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_11","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_12","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_13","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_14","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_15","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_16","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_17","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_18","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_19","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_20","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_21","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_22","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2016","cpe7":"cumulative_update_9","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_10","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_11","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_12","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_13","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_8","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"2019","cpe7":"cumulative_update_9","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"64667","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server_subscription_edition","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"64667","cve":"CVE-2025-64667","epss":"0.008220000","percentile":"0.524660000","score_date":"2026-06-21","updated_at":"2026-06-22 00:08:35"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-64667","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-12-09T20:16:19.128228Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-12-09T20:39:59.188Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"platforms":["x64-based Systems"],"product":"Microsoft Exchange Server 2016 Cumulative Update 23","vendor":"Microsoft","versions":[{"lessThan":"15.01.2507.063","status":"affected","version":"15.01.0.0","versionType":"custom"}]},{"platforms":["x64-based Systems"],"product":"Microsoft Exchange Server 2019 Cumulative Update 14","vendor":"Microsoft","versions":[{"lessThan":"15.02.1544.037","status":"affected","version":"15.02.0.0","versionType":"custom"}]},{"platforms":["x64-based Systems"],"product":"Microsoft Exchange Server 2019 Cumulative Update 15","vendor":"Microsoft","versions":[{"lessThan":"15.02.1748.042","status":"affected","version":"15.02.0.0","versionType":"custom"}]},{"platforms":["x64-based Systems"],"product":"Microsoft Exchange Server Subscription Edition RTM","vendor":"Microsoft","versions":[{"lessThan":"15.02.2562.035","status":"affected","version":"15.02.0.0","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:microsoft:exchange_server_se:*:RTM:*:*:*:*:*:*","versionEndExcluding":"15.02.2562.035","versionStartIncluding":"15.02.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:exchange_server_2016:*:cumulative_update_23:*:*:*:*:*:*","versionEndExcluding":"15.01.2507.063","versionStartIncluding":"15.01.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_15:*:*:*:*:*:*","versionEndExcluding":"15.02.1748.042","versionStartIncluding":"15.02.0.0","vulnerable":true},{"criteria":"cpe:2.3:a:microsoft:exchange_server_2019:*:cumulative_update_14:*:*:*:*:*:*","versionEndExcluding":"15.02.1544.037","versionStartIncluding":"15.02.0.0","vulnerable":true}],"negate":false,"operator":"OR"}]}],"datePublic":"2025-12-09T08:00:00.000Z","descriptions":[{"lang":"en-US","value":"User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network."}],"metrics":[{"cvssV3_1":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en-US","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-451","description":"CWE-451: User Interface (UI) Misrepresentation of Critical Information","lang":"en-US","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-16T14:18:39.361Z","orgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","shortName":"microsoft"},"references":[{"name":"Microsoft Exchange Server Spoofing Vulnerability","tags":["vendor-advisory","patch"],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64667"}],"title":"Microsoft Exchange Server Spoofing Vulnerability"}},"cveMetadata":{"assignerOrgId":"f38d906d-7342-40ea-92c1-6c4a2c6478c8","assignerShortName":"microsoft","cveId":"CVE-2025-64667","datePublished":"2025-12-09T17:55:44.488Z","dateReserved":"2025-11-06T23:40:37.276Z","dateUpdated":"2026-04-16T14:18:39.361Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-12-09 18:16:06","lastModifiedDate":"2026-06-15 19:16:23","problem_types":["CWE-451","CWE-451 CWE-451: User Interface (UI) Misrepresentation of Critical Information"],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*","matchCriteriaId":"8039FBA1-73D4-4FF2-B183-0DCC961CBFF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*","matchCriteriaId":"56728785-188C-470A-9692-E6C7235109CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*","matchCriteriaId":"63E362CB-CF75-4B7E-A4B1-D6D84AFCBB68"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*","matchCriteriaId":"9BE04790-85A2-4078-88CE-1787BC5172E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*","matchCriteriaId":"CCF101BE-27FD-4E2D-A694-C606BD3D1ED7"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*","matchCriteriaId":"4DF5BDB5-205D-4B64-A49A-0152AFCF4A13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*","matchCriteriaId":"55284CF7-0D04-4216-83FE-4B1F9CA94207"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*","matchCriteriaId":"CA2CE223-AA49-49E6-AC32-59270EFF55AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*","matchCriteriaId":"4830D6A9-AF74-480C-8F69-8648CD619980"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*","matchCriteriaId":"079E1E3F-FF25-4B0D-AC98-191D6455A014"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*","matchCriteriaId":"29805EC7-6403-44B9-91EC-109C087E98EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*","matchCriteriaId":"28FCA0E8-7D27-4746-9731-91B834CA3E64"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*","matchCriteriaId":"996163E7-6F3F-4D3B-AEA4-62A7F7E1F54D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*","matchCriteriaId":"19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*","matchCriteriaId":"3BE427A4-B0C2-4064-8234-29426325C348"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*","matchCriteriaId":"449CE85B-E599-44D3-A7C1-5133F6A55E86"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*","matchCriteriaId":"FE401B0A-DDE4-4A36-8E27-6DB14E094BE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*","matchCriteriaId":"450319C4-7C8F-43B7-B7F8-80DA4F1F2817"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*","matchCriteriaId":"23015889-48AF-40A5-862F-290E73A54E77"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*","matchCriteriaId":"4FC34516-D7E7-4AD9-9B45-5474831548E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*","matchCriteriaId":"5211792E-5292-41C0-B7E9-8AA63EC606EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*","matchCriteriaId":"075E907F-AF2F-4C31-86C7-51972BE412A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*","matchCriteriaId":"69AF19DC-3D65-49A8-A85F-511085CDF27B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*","matchCriteriaId":"40D8A6DB-9225-4A3F-AD76-192F6CCCF002"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*","matchCriteriaId":"051DE6C4-7456-4C42-BC51-253208AADB4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*","matchCriteriaId":"B4185347-EEDD-4239-9AB3-410E2EC89D2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*","matchCriteriaId":"435343A4-BF10-461A-ABF2-D511A5FBDA75"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*","matchCriteriaId":"B23C8E3E-5243-4DA6-B9AA-F6053084B55E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*","matchCriteriaId":"583745C7-B802-4CBE-BD88-B5B9AF9B5371"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*","matchCriteriaId":"EE320413-D2C9-4B28-89BF-361B44A3F0FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*","matchCriteriaId":"104F96DC-E280-4E0A-8586-B043B55888C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*","matchCriteriaId":"73B3B3FE-7E85-4B86-A983-2C410FFEF4B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*","matchCriteriaId":"8A9FB275-7F17-48B2-B528-BE89309D2AF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*","matchCriteriaId":"D4AB3C25-CEA8-4D66-AEE4-953C8B17911A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*","matchCriteriaId":"36CE5C6D-9A04-41F5-AE7C-265779833649"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*","matchCriteriaId":"44ECF39A-1DE1-4870-A494-06A53494338D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*","matchCriteriaId":"71CDF29B-116B-4DE2-AFD0-B62477FF0AEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server_subscription_edition:*:*:*:*:*:*:*:*","versionEndExcluding":"15.02.2562.035","matchCriteriaId":"A25F7D23-8614-4AB2-B91E-71949E23E8BE"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"64667","Ordinal":"1","Title":"Microsoft Exchange Server Spoofing Vulnerability","CVE":"CVE-2025-64667","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"64667","Ordinal":"1","NoteData":"User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.","Type":"Description","Title":"Microsoft Exchange Server Spoofing Vulnerability"}]}}}