CVE-2023-35368 — Vulnetix

CVE-2023-35368 PUBLISHED

In Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 existieren mehrere Schwachstellen. Microsoft veröffentlicht keine Details zu den Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen oder Dateien zu manipulieren.

EPSS 0.37% · 59.4th percentile

Risk Scores

EPSS Score

0.37%

59.4th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 12
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 23

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
Microsoft Exchange Remote Code Execution Vulnerability (circl)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)

Timeline

Aug 8, 2023 CVE Published
Aug 9, 2023 EPSS Score
Aug 15, 2023 CVE Updated
Sep 12, 2023 EPSS Score
Oct 15, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 24, 2024 EPSS Score
Feb 27, 2024 EPSS Score
Mar 31, 2024 EPSS Score
May 4, 2024 EPSS Score
Jul 10, 2024 EPSS Score
Aug 13, 2024 EPSS Score

References

Open in Interactive Console →