Lucene search
HistoryAug 08, 2023 - 6:15 p.m.
CVE-2023-38185
cve-2023-38185
microsoft exchange server
remote code execution
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftexchange_serverRange15.02.0β15.02.1258.025cumulative update 13
ORmicrosoftexchange_serverRange15.02.0β15.02.1118.037cumulative update 12
ORmicrosoftexchange_serverRange15.01.0β15.01.2507.032cumulative update 23
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 13:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 12:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 23:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 13",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1258.025",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 12",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1118.037",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2507.032",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-38185 Microsoft Exchange Server Remote Code Execution Vulnerability
2023-08-08 17:08:41
prion
prion
Remote code execution
2023-08-08 18:15:00
cnvd
cnvd
nvd
nvd
CVE-2023-38185
2023-08-08 18:15:23
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2023-08-08 07:00:00
mskb
mskb
kaspersky
kaspersky
KLA51713 Multiple vulnerabilities in Microsoft Server Software
2023-08-08 00:00:00
nessus
nessus
Security Updates for Microsoft Exchange Server (August 2023)
2023-08-08 00:00:00
thn
thn
Microsoft Releases Patches for 74 New Vulnerabilities in August Update
2023-08-09 04:26:00
avleonov
avleonov
talosblog
talosblog
rapid7blog
rapid7blog
Patch Tuesday - August 2023
2023-08-08 21:11:35
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Related for CVE-2023-38185