CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
CVE-2022-23277 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server 2019 | Critical | 14-03-2022 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability in Microsoft Exchange server. An authenticated attacker can exploit this vulnerability by running malicious code in the context of the server’s account through a network call. Successful exploitation of this vulnerability could lead to arbitrary code execution on the host machine in the context of that user.
Further information on this vulnerability is available at : CVE-2022-23277
Affected Software
Microsoft Exchange Server 2013 Cumulative Update 23,Microsoft Exchange Server 2016 Cumulative Update 21,
Microsoft Exchange Server 2019 Cumulative Update 10,
Microsoft Exchange Server 2016 Cumulative Update 22,
Microsoft Exchange Server 2019 Cumulative Update 11