Lucene search

K
cvelistMicrosoftCVELIST:CVE-2020-17144
HistoryDec 09, 2020 - 11:36 p.m.

CVE-2020-17144 Microsoft Exchange Remote Code Execution Vulnerability

2020-12-0923:36:55
microsoft
www.cve.org
10
cve-2020-17144
remote code execution
microsoft exchange

CVSS3

8.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

AI Score

9.1

Confidence

High

EPSS

0.322

Percentile

97.1%

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31",
    "cpes": [
      "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup_31:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

CVSS3

8.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

AI Score

9.1

Confidence

High

EPSS

0.322

Percentile

97.1%