VDB
CVE-2023-21709
CVE-2023-21709
PUBLISHED
In Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 existieren mehrere Schwachstellen. Microsoft veröffentlicht keine Details zu den Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen oder Dateien zu manipulieren.
EPSS 3.39% · 87.6th percentile
Risk Scores
EPSS Score
3.39%
87.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Exchange Server 2016 Cumulative Update 23 | |
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 13 | |
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 12 |
Exploit Intelligence
Timeline
- Aug 8, 2023 CVE Published
- Aug 9, 2023 EPSS Score
- Sep 12, 2023 EPSS Score
- Nov 18, 2023 EPSS Score
- Dec 21, 2023 EPSS Score
- Jan 24, 2024 EPSS Score
- Feb 27, 2024 EPSS Score
- May 4, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 10, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Oct 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1990.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1990 advisory
- https://techcommunity.microsoft.com/t5/exchange-team-blog/re-release-of-august-2023-exchange-server-security-update/ba-p/3900025 advisory
- https://support.microsoft.com/en-us/topic/exchange-server-2019-and-2016-august-2023-security-update-installation-fails-on-non-english-operating-systems-ef38d805-f645-4511-8cc5-cf967e5d5c75 advisory
- https://msrc.microsoft.com/update-guide advisory