| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | Microsoft Exchange Server | Important | 03-01-2024 |
Technical Information
A Spoofing vulnerability in Microsoft Exchange Server. The bug exists in the SerializationTypeConverter class which causes deserialization of untrusted data. An authenticated attacker can use this vulnerability to disclose information in the context of SYSTEM or relay NTLM credentials.
Further information on this vulnerability is available at : CVE-2023-36050
Affected Software
Microsoft Exchange Server 2019 Cumulative Update 12,Microsoft Exchange Server 2016 Cumulative Update 23,
Microsoft Exchange Server 2019 Cumulative Update 13