Lucene search
MicrosoftCVELIST:CVE-2022-41080HistoryNov 09, 2022 - 12:00 a.m.
CVE-2022-41080 Microsoft Exchange Server Elevation of Privilege Vulnerability
2022-11-0900:00:00
microsoft
www.cve.org
1
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.9 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.01.0",
"lessThan": "15.01.2507.016",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 12",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.1118.020",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2013 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.00.0",
"lessThan": "15.00.1497.044",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 11",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.02.0986.036",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 22",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.0.0",
"lessThan": "15.01.2375.037",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2022-41080
2022-11-09 22:15:21
cnvd
cnvd
nvd
nvd
CVE-2022-41080
2022-11-09 22:15:21
mscve
mscve
Microsoft Exchange Server Elevation of Privilege Vulnerability
2022-11-08 08:00:00
prion
prion
Privilege escalation
2022-11-09 22:15:00
cisa_kev
cisa_kev
Microsoft Exchange Server Privilege Escalation Vulnerability
2023-01-10 00:00:00
qualysblog
qualysblog
rapid7blog
rapid7blog
CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE
2022-12-21 17:35:17
Patch Tuesday - November 2022
2022-11-08 20:02:57
attackerkb
attackerkb
CVE-2022-41080
2022-11-09 00:00:00
malwarebytes
malwarebytes
Ransomware in December 2022
2023-02-01 17:15:00
wizblog
wizblog
thn
thn
kaspersky
kaspersky
KLA20042 Multiple vulnerabilities in Microsoft Server Software
2022-11-08 00:00:00
mskb
mskb
nessus
nessus
Security Updates for Microsoft Exchange Server (Nov 2022)
2022-11-11 00:00:00
krebs
krebs
Patch Tuesday, November 2022 Election Edition
2022-11-09 01:50:14
talosblog
talosblog
avleonov
avleonov
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
8.9 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%
Related for CVELIST:CVE-2022-41080