September 27, 2023

Microsoft has released security updates as a part of this month Patch Tuesday and it has a Zero Day exploits in Exchange Server, those vulnerabilities found in:

  • Exchange Server 2013
  • Exchange Server 2016
  • Exchange Server 2019

These updates are available for the following specific builds of Exchange Server:

The CVSS score stands as CVSS:3.1 8.8 / 7.7 , Since the attacker need to be authenticated to exploit this Vulnerability.

  • Exchange Server 2013 CU23
  • Exchange Server 2016 CU21 and CU22
  • Exchange Server 2019 CU10 and CU11

The November 2021 security updates for Exchange Server address vulnerabilities of limited targeted attacks in the wild using one of vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019.

These vulnerabilities affect on-premises Microsoft Exchange Server, including servers used by customers in Exchange Hybrid mode. Exchange Online customers are already protected and do not need to take any action

Tags:

Leave a Reply

You may have missed

BORN Canada latest victim of MoveIT data breach

September 27, 2023

Hardware Supply Chain Risk Assessment from CISA

September 27, 2023

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023
%d bloggers like this: