| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2024-21410 | Elevation of Privilege | Microsoft Exchange server | Critical | 19-02-2024 |
Technical Information
An attacker who successfully exploited this vulnerability could relay a user’s leaked Net-NTLMv2 hash against a vulnerable Exchange Server and authenticate as the user.
Patch release date: Feb 13, 2024
Further information on this vulnerability is available at CVE-2024-21410.
Affected Software
Microsoft Exchange Server 2016 Cumulative Update 23,Microsoft Exchange Server 2019 Cumulative Update 13,
Microsoft Exchange Server 2019 Cumulative Update 14