Описание
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ
According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?
An authenticated attacker could exploit this vulnerability with LAN access.
How could an attacker exploit this vulnerability?
An authenticated attacker who is on the same intranet as the Exchange server can achieve remote code execution via a PowerShell remoting session.
According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?
Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user.
What can cause this vulnerability?
The vulnerability occurs due to improper validation of cmdlet arguments.
Does the attacker need to be in an authenticated role in the Exchange Server?
Yes, the attacker must be authenticated.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2019 Cumulative Update 12 | ||
| Microsoft Exchange Server 2016 Cumulative Update 23 | ||
| Microsoft Exchange Server 2019 Cumulative Update 13 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
8 High
CVSS3
Связанные уязвимости
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками при проверке аргументов командлета, позволяющая нарушителю выполнить произвольный код
EPSS
8 High
CVSS3