CVE-2023-21709

Опубликовано: 08 авг. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Microsoft Exchange Server Elevation of Privilege Vulnerability

Ссылки

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21709
Patch
Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21709
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:2016:-:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_3:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_4:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_6:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03581

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-307

Связанные уязвимости

GHSA-jrpp-v555-xqmp

CVSS3: 9.8

github

почти 2 года назад

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-38185

CVSS3: 8.8

msrc

почти 2 года назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38182

CVSS3: 8

msrc

почти 2 года назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38181

CVSS3: 8.8

msrc

почти 2 года назад

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-35388

CVSS3: 8

msrc

почти 2 года назад

Microsoft Exchange Server Remote Code Execution Vulnerability

EPSS

Процентиль: 87%

0.03581

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-307