| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2022-21846 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server 2019 | Critical | 17-01-2022 |
Technical Information
Brief overview of the risk:
A Remote Code Execution vulnerability in Microsoft Exchange Server which is restricted to logically adjacent topology, this means that an attacker needs to gain an initial foothold on the network before exploiting this vulnerability. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host machine in the context of the logged on user.
Further information on this vulnerability is available at : CVE-2022-21846
Affected Software
Microsoft Exchange Server 2016 Cumulative Update 22Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2019 Cumulative Update 10