Lucene search
HistoryNov 14, 2023 - 6:15 p.m.
CVE-2023-36439
cve-2023-36439
microsoft exchange
server
remote code execution
vulnerability
nvd
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.3%
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftexchange_serverRange15.01.0–15.01.2507.035cumulative update 23
ORmicrosoftexchange_serverRange15.02.0–15.02.1258.028cumulative update 13
ORmicrosoftexchange_serverRange15.02.0–15.02.1118.040cumulative update 12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 23:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 13:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 12:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2507.035",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 13",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1258.028",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 12",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1118.040",
"versionType": "custom",
"status": "affected"
}
]
}
]Social References
More
Related
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2023-11-14 08:00:00
prion
prion
Remote code execution
2023-11-14 18:15:00
vulnrichment
vulnrichment
CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability
2023-11-14 17:57:17
nvd
nvd
CVE-2023-36439
2023-11-14 18:15:47
cvelist
cvelist
CVE-2023-36439 Microsoft Exchange Server Remote Code Execution Vulnerability
2023-11-14 17:57:17
mskb
mskb
nessus
nessus
Security Updates for Microsoft Exchange Server (November 2023)
2023-11-14 00:00:00
kaspersky
kaspersky
KLA61978 Multiple vulnerabilities in Microsoft Server Software
2023-11-14 00:00:00
malwarebytes
malwarebytes
Update now! Microsoft patches 3 actively exploited zero-days
2023-11-15 22:04:31
krebs
krebs
Microsoft Patch Tuesday, November 2023 Edition
2023-11-14 23:00:59
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
2023-11-14 20:29:03
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.3%
Related for CVE-2023-36439