Lucene search
HistoryMar 12, 2024 - 5:15 p.m.
CVE-2024-26198
cve-2024-26198
microsoft
exchange server
remote code execution
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.3%
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected configurations
Node
microsoftexchange_serverRange15.02.0–15.02.1258.034cumulative update 14
ORmicrosoftexchange_serverRange15.02.0–15.02.1544.011cumulative update 13
ORmicrosoftexchange_serverRange15.01.0–15.01.2507.039cumulative update 23
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 14:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 13:*:*:*:*:*:* |
| microsoft | exchange_server | * | cpe:2.3:a:microsoft:exchange_server:*:cumulative update 23:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 14",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_14:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1258.034",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 13",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1544.011",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2507.039",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Remote code execution
2024-03-12 17:15:00
nessus
nessus
Security Updates for Microsoft Exchange Server (March 2024)
2024-03-15 00:00:00
mskb
mskb
nvd
nvd
CVE-2024-26198
2024-03-12 17:15:58
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2024-03-12 07:00:00
kaspersky
kaspersky
KLA65130 ACE vulnerability in Microsoft Exchange Server
2024-03-12 00:00:00
cvelist
cvelist
CVE-2024-26198 Microsoft Exchange Server Remote Code Execution Vulnerability
2024-03-12 16:57:53
thn
thn
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.3%
Related for CVE-2024-26198