Lucene search

[email protected]CVE-2019-1233

HistorySep 11, 2019 - 10:15 p.m.

CVE-2019-1233

2019-09-1122:15:15

[email protected]

web.nvd.nist.gov

110

microsoft exchange

denial of service

vulnerability

cve-2019-1233

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

57.8%

JSON

A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka ‘Microsoft Exchange Denial of Service Vulnerability’.

Affected configurations

Vulners

NVD

Node

microsoftmicrosoft_exchange_server_2016MatchCumulative Update 12

microsoftmicrosoft_exchange_server_2016MatchCumulative Update 13

microsoftmicrosoft_exchange_server_2019MatchCumulative Update 1

microsoftmicrosoft_exchange_server_2019MatchCumulative Update 2

VendorProductVersionCPE
microsoftmicrosoft_exchange_server_2016Cumulative Update 12cpe:2.3:a:microsoft:microsoft_exchange_server_2016:Cumulative Update 12:*:*:*:*:*:*:*
microsoftmicrosoft_exchange_server_2016Cumulative Update 13cpe:2.3:a:microsoft:microsoft_exchange_server_2016:Cumulative Update 13:*:*:*:*:*:*:*
microsoftmicrosoft_exchange_server_2019Cumulative Update 1cpe:2.3:a:microsoft:microsoft_exchange_server_2019:Cumulative Update 1:*:*:*:*:*:*:*
microsoftmicrosoft_exchange_server_2019Cumulative Update 2cpe:2.3:a:microsoft:microsoft_exchange_server_2019:Cumulative Update 2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	microsoft_exchange_server_2016	Cumulative Update 12	cpe:2.3:a:microsoft:microsoft_exchange_server_2016:Cumulative Update 12:::::::*
microsoft	microsoft_exchange_server_2016	Cumulative Update 13	cpe:2.3:a:microsoft:microsoft_exchange_server_2016:Cumulative Update 13:::::::*
microsoft	microsoft_exchange_server_2019	Cumulative Update 1	cpe:2.3:a:microsoft:microsoft_exchange_server_2019:Cumulative Update 1:::::::*
microsoft	microsoft_exchange_server_2019	Cumulative Update 2	cpe:2.3:a:microsoft:microsoft_exchange_server_2019:Cumulative Update 2:::::::*

CNA Affected

[
  {
    "product": "Microsoft Exchange Server 2016",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Cumulative Update 12"
      },
      {
        "status": "affected",
        "version": "Cumulative Update 13"
      }
    ]
  },
  {
    "product": "Microsoft Exchange Server 2019",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Cumulative Update 1"
      },
      {
        "status": "affected",
        "version": "Cumulative Update 2"
      }
    ]
  }
]