Vulners
Lucene search
CVE-2020-0688
🗓️ 11 Feb 2020 21:22:59Reported by microsoftType 
cve🔗 web.nvd.nist.gov📰️ 11 Media mentions👁 2638 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 143 |
|---|---|---|---|---|
 | Background Intelligent Transfer Service CVE-2020-0787 - Privilege Escalation | 12 Jun 202013:15 | – | 0daydb |
 | Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Exploit | 2 Mar 202000:00 | – | zdt |
| Exchange Control Panel Viewstate Deserialization Exploit | 5 Mar 202000:00 | – | zdt |
| Background Intelligent Transfer Service Privilege Escalation Exploit | 12 Jun 202000:00 | – | zdt |
 | Exploit for Improper Authentication in Microsoft | 22 Apr 202007:28 | – | githubexploit |
| Exploit for Improper Authentication in Microsoft | 4 Jan 202110:48 | – | githubexploit |
| Exploit for Improper Authentication in Microsoft | 25 Feb 202023:44 | – | githubexploit |
| Exploit for Improper Authentication in Microsoft | 19 Mar 202016:39 | – | githubexploit |
| Exploit for Improper Authentication in Microsoft | 9 May 202412:50 | – | githubexploit |
| Exploit for Improper Authentication in Microsoft | 28 Feb 202016:04 | – | githubexploit |
10
Node
OROROROROR
[
{
"product": "Microsoft Exchange Server 2013",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Cumulative Update 23"
}
]
},
{
"product": "Microsoft Exchange Server 2019 Cumulative Update 3",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2016 Cumulative Update 14",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2016 Cumulative Update 15",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2019 Cumulative Update 4",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| __VIEWSTATE | query param | ecp/default.aspx | Exchange Control Panel viewstate deserialization leads to RCE via crafted __VIEWSTATE payload. | CWE-287 |
| __VIEWSTATEGENERATOR | query param | ecp/default.aspx | Exchange Control Panel viewstate deserialization leads to RCE via crafted __VIEWSTATE payload. | CWE-287 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Oct 2025 14:27Current
8.5High risk
Vulners AI Score8.5
CVSS 3.18.8
CVSS 29
EPSS0.94389
SSVC