VDB
CVE-2023-38181
CVE-2023-38181
PUBLISHED
In Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 existieren mehrere Schwachstellen. Microsoft veröffentlicht keine Details zu den Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen oder Dateien zu manipulieren.
EPSS 23.86% · 96.1th percentile
Risk Scores
EPSS Score
23.86%
96.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 12 | |
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 13 | |
| Microsoft | Microsoft Exchange Server 2016 Cumulative Update 23 |
Timeline
- Aug 8, 2023 CVE Published
- Aug 9, 2023 EPSS Score
- Sep 12, 2023 EPSS Score
- Nov 18, 2023 EPSS Score
- Dec 21, 2023 EPSS Score
- Feb 23, 2024 EPSS Score
- Feb 26, 2024 EPSS Score
- May 3, 2024 EPSS Score
- Jun 6, 2024 EPSS Score
- Aug 12, 2024 EPSS Score
- Sep 15, 2024 EPSS Score
- Oct 18, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1990.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1990 advisory
- https://techcommunity.microsoft.com/t5/exchange-team-blog/re-release-of-august-2023-exchange-server-security-update/ba-p/3900025 advisory
- https://support.microsoft.com/en-us/topic/exchange-server-2019-and-2016-august-2023-security-update-installation-fails-on-non-english-operating-systems-ef38d805-f645-4511-8cc5-cf967e5d5c75 advisory
- https://msrc.microsoft.com/update-guide advisory