<< Back
CVE Number Vulnerability Product Severity Date
CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability Microsoft Exchange Server 2019 Critical 14-03-2022

Technical Information

Brief overview of the risk:

A remote code execution vulnerability in Microsoft Exchange server. An authenticated attacker can exploit this vulnerability by running malicious code in the context of the server’s account through a network call. Successful exploitation of this vulnerability could lead to arbitrary code execution on the host machine in the context of that user.

Further information on this vulnerability is available at : CVE-2022-23277

Affected Software

Microsoft Exchange Server 2013 Cumulative Update 23,
Microsoft Exchange Server 2016 Cumulative Update 21,
Microsoft Exchange Server 2019 Cumulative Update 10,
Microsoft Exchange Server 2016 Cumulative Update 22,
Microsoft Exchange Server 2019 Cumulative Update 11