VDB

CVE-2022-21846

CVE-2022-21846 PUBLISHED CVSS 9 CRITICAL

Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21855, CVE-2022-21969.

EPSS 1.53% · 81.6th percentile

Risk Scores

CVSS 3.1
9
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
1.53%
81.6th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2215.0.0
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1015.02.0
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 2315.00.0
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2115.01.0
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1115.02.0
microsoftexchange_server2016, 2019, 15.0.0

Timeline

  • Jan 11, 2022 CVE Published
  • Feb 8, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 16, 2022 EPSS Score
  • Sep 7, 2022 EPSS Score
  • Dec 21, 2022 EPSS Score
  • Feb 11, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • May 27, 2023 EPSS Score
  • Jul 18, 2023 EPSS Score
  • Oct 31, 2023 EPSS Score
  • Dec 23, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›