Security Advisory

CVE-2025-58107

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-02 00:00:00

Last updated 2026-03-02 18:18:33

Assigner mitre

State PUBLISHED

Description

In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the users name, e-mail address, device ID, bearer token, and base64-encoded password.

← Browse all CVEs View on cve.org ↗