Aug 2025: Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2025-33051 Published on August 12, 2025
Microsoft Exchange Server Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2025-33051 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2025-33051
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-33051 are published in these products:
Affected Versions
Microsoft Exchange Server 2016 Cumulative Update 23:- Version 15.01.0.0 and below 15.01.2507.058 is affected.
- Version 15.02.0.0 and below 15.02.1544.033 is affected.
- Version 15.02.0.0 and below 15.02.1748.036 is affected.
- Version 15.02.0.0 and below 15.02.2562.020 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.