CVE-2023-35388 — Vulnetix

CVE-2023-35388 PUBLISHED

In Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 existieren mehrere Schwachstellen. Microsoft veröffentlicht keine Details zu den Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen oder Dateien zu manipulieren.

EPSS 0.40% · 61.2th percentile

Risk Scores

EPSS Score

0.40%

61.2th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 12
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 13

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
Microsoft Exchange Server Remote Code Execution Vulnerability (circl)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)

Timeline

Aug 8, 2023 CVE Published
Aug 9, 2023 EPSS Score
Sep 12, 2023 EPSS Score
Nov 18, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 24, 2024 EPSS Score
Feb 27, 2024 EPSS Score
May 4, 2024 EPSS Score
Jun 7, 2024 EPSS Score
Jul 10, 2024 EPSS Score
Aug 13, 2024 EPSS Score
Oct 19, 2024 EPSS Score

References

Open in Interactive Console →