All the vulnerabilites related to Microsoft - Microsoft Exchange Server 2019 Cumulative Update 10
cve-2021-41348
Vulnerability from cvelistv5
Published
2021-10-13 00:28
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 21 |
Version: 15.01.0 < 15.01.2308.015 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:32.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.015", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.009", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.012", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-10-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:52:16.768Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41348" } ], "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-41348", "datePublished": "2021-10-13T00:28:11", "dateReserved": "2021-09-17T00:00:00", "dateUpdated": "2024-08-04T03:08:32.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21846
Vulnerability from cvelistv5
Published
2022-01-11 20:22
Modified
2024-11-14 20:07
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21846 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 22 |
Version: 15.0.0 < 15.01.2375.018 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:53:36.402Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21846" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.018", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.028", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.021", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.020", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2022-01-11T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-14T20:07:18.365Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Exchange Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21846" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-21846", "datePublished": "2022-01-11T20:22:22", "dateReserved": "2021-12-14T00:00:00", "dateUpdated": "2024-11-14T20:07:18.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-33768
Vulnerability from cvelistv5
Published
2021-07-14 17:53
Modified
2024-08-03 23:58
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Elevation of Privilege Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33768 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2019 Cumulative Update 9 |
Version: 15.02.0 < 15.02.0858.015 cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:58:22.872Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33768" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 9", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0858.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 20", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2242.012", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.014", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.013", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-07-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-28T22:36:53.445Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33768" } ], "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-33768", "datePublished": "2021-07-14T17:53:42", "dateReserved": "2021-05-28T00:00:00", "dateUpdated": "2024-08-03T23:58:22.872Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42305
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42305 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.026 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42305" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.026", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.020", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0792.019", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.017", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-11-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:48:03.858Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42305" } ], "title": "Microsoft Exchange Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-42305", "datePublished": "2021-11-10T00:47:38", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-04T03:30:38.241Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-34453
Vulnerability from cvelistv5
Published
2021-10-13 00:26
Modified
2024-08-04 00:12
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Denial of Service Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2019 Cumulative Update 11 |
Version: 15.02.0 < 15.02.0986.009 cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-34453", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-07-18T20:30:38.736301Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-18T20:30:48.570Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T00:12:50.102Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.009", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.015", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.012", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-10-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Denial of Service Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:52:09.137Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34453" } ], "title": "Microsoft Exchange Server Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-34453", "datePublished": "2021-10-13T00:26:37", "dateReserved": "2021-06-09T00:00:00", "dateUpdated": "2024-08-04T00:12:50.102Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24463
Vulnerability from cvelistv5
Published
2022-03-09 17:07
Modified
2024-08-03 04:13
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 21 |
Version: 15.01.0 < 15.01.2308.027 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:13:55.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Exchange Server Spoofing Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.027", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.027", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.024", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.022", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:31:55.432Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Exchange Server Spoofing Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463" } ], "title": "Microsoft Exchange Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-24463", "datePublished": "2022-03-09T17:07:44", "dateReserved": "2022-02-05T00:00:00", "dateUpdated": "2024-08-03T04:13:55.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-42321
Vulnerability from cvelistv5
Published
2021-11-10 00:47
Modified
2024-08-04 03:30
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 21 |
Version: 15.01.0 < 15.01.2308.020 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:30:38.363Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.020", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0792.019", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.017", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-11-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:47:48.107Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-42321", "datePublished": "2021-11-10T00:47:43", "dateReserved": "2021-10-12T00:00:00", "dateUpdated": "2024-08-04T03:30:38.363Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-31206
Vulnerability from cvelistv5
Published
2021-07-14 17:53
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31206 | x_refsource_MISC | |
https://www.zerodayinitiative.com/advisories/ZDI-21-826/ | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2019 Cumulative Update 9 |
Version: 15.02.0 < 15.02.0858.015 cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:55:52.209Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31206" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-826/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 9", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0858.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 20", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2242.012", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.023", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.014", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.013", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-07-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-28T22:36:19.357Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31206" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-826/" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-31206", "datePublished": "2021-07-14T17:53:13", "dateReserved": "2021-04-14T00:00:00", "dateUpdated": "2024-08-03T22:55:52.209Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41350
Vulnerability from cvelistv5
Published
2021-10-13 00:28
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 21 |
Version: 15.01.0 < 15.01.2308.015 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:* |
||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2021-41350", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-04T15:04:51.954198Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:12:59.422Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:32.177Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.015", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.009", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.012", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] } ], "datePublic": "2021-10-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:52:17.494Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41350" } ], "title": "Microsoft Exchange Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-41350", "datePublished": "2021-10-13T00:28:13", "dateReserved": "2021-09-17T00:00:00", "dateUpdated": "2024-08-04T03:08:32.177Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-31196
Vulnerability from cvelistv5
Published
2021-07-14 17:53
Modified
2024-08-21 16:20
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2019 Cumulative Update 9 |
Version: 15.02.0 < 15.02.0858.015 cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:55:53.341Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "dateAdded": "2024-08-21", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" }, "type": "kev" } } ], "providerMetadata": { "dateUpdated": "2024-08-21T16:20:22.703Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2024-08-21T00:00:00+00:00", "value": "CVE-2021-31196 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 9", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0858.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 20", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2242.012", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.023", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.014", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.013", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-07-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-28T22:36:18.850Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-31196", "datePublished": "2021-07-14T17:53:12", "dateReserved": "2021-04-14T00:00:00", "dateUpdated": "2024-08-21T16:20:22.703Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23277
Vulnerability from cvelistv5
Published
2022-03-09 17:06
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.033 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:36:20.337Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Exchange Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.033", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.027", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.027", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.024", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.022", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2022-03-08T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T00:32:00.457Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Exchange Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-23277", "datePublished": "2022-03-09T17:06:55", "dateReserved": "2022-01-15T00:00:00", "dateUpdated": "2024-08-03T03:36:20.337Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-26427
Vulnerability from cvelistv5
Published
2021-10-13 00:26
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2016 Cumulative Update 22 |
Version: 15.0.0 < 15.01.2375.012 cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:26:25.215Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.012", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.009", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.024", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.015", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-10-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:52:19.160Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26427" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-26427", "datePublished": "2021-10-13T00:26:32", "dateReserved": "2021-01-29T00:00:00", "dateUpdated": "2024-08-03T20:26:25.215Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41349
Vulnerability from cvelistv5
Published
2021-11-10 00:46
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Spoofing Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41349 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.026 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:32.236Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41349" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.026", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.020", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0792.019", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.017", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.014", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2021-11-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Spoofing Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Spoofing", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T14:47:54.073Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41349" } ], "title": "Microsoft Exchange Server Spoofing Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-41349", "datePublished": "2021-11-10T00:46:32", "dateReserved": "2021-09-17T00:00:00", "dateUpdated": "2024-08-04T03:08:32.236Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21969
Vulnerability from cvelistv5
Published
2022-01-11 20:23
Modified
2024-11-14 20:07
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21969 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.028 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:00:54.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21969" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.028", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.021", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.020", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.018", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2022-01-11T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-14T20:07:39.577Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Exchange Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21969" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-21969", "datePublished": "2022-01-11T20:23:34", "dateReserved": "2021-12-16T00:00:00", "dateUpdated": "2024-11-14T20:07:39.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-34470
Vulnerability from cvelistv5
Published
2021-07-14 17:54
Modified
2024-08-23 15:08
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Elevation of Privilege Vulnerability
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.023 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T00:12:50.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34470" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/163706/Microsoft-Exchange-AD-Schema-Misconfiguration-Privilege-Escalation.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-34470", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-23T15:07:17.026694Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-23T15:08:35.587Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.023", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.007", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.008", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] } ], "datePublic": "2021-07-13T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of Privilege", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-28T22:37:16.298Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34470" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/163706/Microsoft-Exchange-AD-Schema-Misconfiguration-Privilege-Escalation.html" } ], "title": "Microsoft Exchange Server Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-34470", "datePublished": "2021-07-14T17:54:02", "dateReserved": "2021-06-09T00:00:00", "dateUpdated": "2024-08-23T15:08:35.587Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-21855
Vulnerability from cvelistv5
Published
2022-01-11 20:22
Modified
2024-11-14 20:07
Severity ?
EPSS score ?
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21855 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Version: 15.00.0 < 15.00.1497.028 cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:53:36.412Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21855" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2013 Cumulative Update 23", "vendor": "Microsoft", "versions": [ { "lessThan": "15.00.1497.028", "status": "affected", "version": "15.00.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 21", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2308.021", "status": "affected", "version": "15.01.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 10", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0922.020", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2016 Cumulative Update 22", "vendor": "Microsoft", "versions": [ { "lessThan": "15.01.2375.018", "status": "affected", "version": "15.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*" ], "platforms": [ "x64-based Systems" ], "product": "Microsoft Exchange Server 2019 Cumulative Update 11", "vendor": "Microsoft", "versions": [ { "lessThan": "15.02.0986.015", "status": "affected", "version": "15.02.0", "versionType": "custom" } ] } ], "datePublic": "2022-01-11T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Exchange Server Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Remote Code Execution", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-14T20:07:18.908Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Exchange Server Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21855" } ], "title": "Microsoft Exchange Server Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2022-21855", "datePublished": "2022-01-11T20:22:28", "dateReserved": "2021-12-14T00:00:00", "dateUpdated": "2024-11-14T20:07:18.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }