VDB
CNVD-2023-64869
CNVD-2023-64869
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。 Microsoft Exchange Server存在权限提升漏洞,攻击者可利用该漏洞在系统上获得提升的权限。
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | exchange_server | 15.02.0, 15.01.0, 15.02.0 |
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 13 | 15.02.0 |
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 12 | 15.02.0 |
| Microsoft | Microsoft Exchange Server 2016 Cumulative Update 23 | 15.01.0 |
Timeline
- Aug 12, 2023 CVE ID Reserved
- Aug 25, 2023 CVE Published
- Apr 20, 2026 Security Advisory
References
- Microsoft Exchange Server Elevation of Privilege Vulnerability vendor-advisory