Lucene search
MicrosoftCVELIST:CVE-2024-21410HistoryFeb 13, 2024 - 6:02 p.m.
CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability
2024-02-1318:02:48
CWE-287
microsoft
www.cve.org
13
microsoft exchange server
elevation of privilege
vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
AI Score
9.7
Confidence
High
EPSS
0.083
Percentile
94.5%
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2016 Cumulative Update 23",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "N/A",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 13",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.2.1544.004",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Exchange Server 2019 Cumulative Update 14",
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_14:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"versions": [
{
"version": "15.02.0",
"lessThan": "15.2.1544.004",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
thn
thn
52% of Serious Vulnerabilities We Find are Related to Windows 10
2024-01-22 11:22:00
cve
cve
CVE-2024-21410
2024-02-13 18:15:59
mskb
mskb
Cumulative Update 14 for Exchange Server 2019 (KB5035606)
2024-02-13 08:00:00
nvd
nvd
CVE-2024-21410
2024-02-13 18:15:59
prion
prion
Privilege escalation
2024-02-13 18:15:00
cisa_kev
cisa_kev
Microsoft Exchange Server Privilege Escalation Vulnerability
2024-02-15 00:00:00
attackerkb
attackerkb
CVE-2024-21410
2024-02-13 00:00:00
nessus
nessus
Security Updates for Microsoft Exchange Server (February 2024)
2024-02-13 00:00:00
kaspersky
kaspersky
KLA63959 PE vulnerability in Microsoft Server Software
2024-02-13 00:00:00
malwarebytes
malwarebytes
Microsoft Exchange vulnerability actively exploited
2024-02-16 13:37:32
vulnrichment
vulnrichment
mscve
mscve
Microsoft Exchange Server Elevation of Privilege Vulnerability
2024-02-13 08:00:00
hivepro
hivepro
krebs
krebs
Fat Patch Tuesday, February 2024 Edition
2024-02-13 22:28:48
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
2024-02-13 20:03:29
avleonov
avleonov
rapid7blog
rapid7blog
Patch Tuesday - March 2024
2024-03-12 19:47:44
Patch Tuesday - February 2024
2024-02-13 21:26:21
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
AI Score
9.7
Confidence
High
EPSS
0.083
Percentile
94.5%
Related for CVELIST:CVE-2024-21410