Lucene search
HistoryFeb 14, 2023 - 8:15 p.m.
CVE-2023-21706
microsoft
exchange server
remote code execution
vulnerability
cve-2023-21706
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftexchange_serverRange15.02.0–15.02.1118.025cumulative update 12
ORmicrosoftexchange_serverRange15.01.0–15.01.2507.021cumulative update 23
ORmicrosoftexchange_serverRange15.02.0–15.02.0986.041cumulative update 11
ORmicrosoftexchange_serverRange15.00.0–15.00.1497.047cumulative update 23
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 12:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 23:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 11:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 23:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 12",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1118.025",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2507.021",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 11",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.0986.041",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2013 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.00.0",
"lessThan": "15.00.1497.047",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-21706 Microsoft Exchange Server Remote Code Execution Vulnerability
2023-02-14 19:32:44
prion
prion
Remote code execution
2023-02-14 20:15:00
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2023-02-14 08:00:00
nvd
nvd
CVE-2023-21706
2023-02-14 20:15:13
nessus
nessus
Security Updates for Microsoft Exchange Server (February 2023)
2023-02-14 00:00:00
mskb
mskb
kaspersky
kaspersky
KLA20232 Multiple vulnerabilities in Microsoft Server Software
2023-02-14 00:00:00
krebs
krebs
Microsoft Patch Tuesday, February 2023 Edition
2023-02-14 21:01:41
avleonov
avleonov
malwarebytes
malwarebytes
Update now! February's Patch Tuesday tackles three zero-days
2023-02-15 03:00:00
talosblog
talosblog
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Related for CVE-2023-21706