Описание
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ
According to the CVSS metric, the attack vector is network (AV:N), privileges required is high (PR:H) and the user interaction is none (UI:N). How could an attacker exploit this vulnerability?
The attacker who successfully exploited this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated admin, the attacker could attempt to trigger malicious code in the context of the server's account through a network call.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2019 Cumulative Update 11 | ||
| Microsoft Exchange Server 2019 Cumulative Update 12 | ||
| Microsoft Exchange Server 2016 Cumulative Update 23 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
7.2 High
CVSS3
Связанные уязвимости
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Уязвимость почтового сервера Microsoft Exchange Server, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код
EPSS
7.2 High
CVSS3