CVE-2023-38185 — Vulnetix

CVE-2023-38185 PUBLISHED

In Microsoft Exchange Server 2016 und Microsoft Exchange Server 2019 existieren mehrere Schwachstellen. Microsoft veröffentlicht keine Details zu den Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen oder Dateien zu manipulieren.

EPSS 2.00% · 84.0th percentile

Risk Scores

EPSS Score

2.00%

84.0th percentile

Affected Products

Vendor	Product	Versions
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 12

Exploit Intelligence

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
Microsoft Exchange Server Remote Code Execution Vulnerability (circl)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)
Invoke-AnalyzerSecurityCveCheck.ps1 (github-poc)

Timeline

Aug 8, 2023 CVE Published
Aug 9, 2023 EPSS Score
Sep 12, 2023 EPSS Score
Nov 18, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 24, 2024 EPSS Score
Mar 31, 2024 EPSS Score
May 4, 2024 EPSS Score
Jun 7, 2024 EPSS Score
Jul 10, 2024 EPSS Score
Sep 15, 2024 EPSS Score
Oct 19, 2024 EPSS Score

References

Open in Interactive Console →