VU#915563: Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

Opsfolio Community
October 3, 2022, 12 months ago
74

Overview Microsoft Exchange 2019 Cumulative Update 23 and earlier versions are vulnerable to a server-side request forgery (SSRF) attack and remote code execution. An authenticated attacker can use the combination of these two vulnerabilities to elevate privileges and execute arbitrary code on the target Exchange server. Description Microsoft Exchange Server's Autodiscover service is a web service widely available to any Microsoft Exchange Web Services (EWS) client. Since Microsoft Exchange version 2016, the Autodiscover service has become an integral part of...

Source: https://kb.cert.org/vuls/id/915563

VU#915563: Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

VU#915563: Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process