Описание
Microsoft Exchange Server Security Feature Bypass Vulnerability
FAQ
Was this vulnerability found in the 2021 Pwn2Own contest?
Yes, this was one of the Exchange Server vulnerabilities found in the 2021 Pwn2Own contest.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2013 Cumulative Update 23 | ||
| Microsoft Exchange Server 2016 Cumulative Update 19 | ||
| Microsoft Exchange Server 2019 Cumulative Update 8 | ||
| Microsoft Exchange Server 2019 Cumulative Update 9 | ||
| Microsoft Exchange Server 2016 Cumulative Update 20 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
Microsoft Exchange Server Security Feature Bypass Vulnerability
Microsoft Exchange Server Security Feature Bypass Vulnerability
Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками в настройках безопасности, позволяющая нарушителю выполнить произвольный код с привилегиями SYSTEM
EPSS
6.6 Medium
CVSS3