9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.343 Low
EPSS
Percentile
97.0%
12/08/2020
Critical
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 18
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31
Microsoft Exchange Server 2019 Cumulative Update 7
Microsoft Exchange Server 2019 Cumulative Update 6
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2020-17132
CVE-2020-17117
CVE-2020-17144
CVE-2020-17141
CVE-2020-17143
CVE-2020-17142
ACE
CVE-2020-171329.1Critical
CVE-2020-171176.6High
CVE-2020-171448.4Critical
CVE-2020-171418.4Critical
CVE-2020-171438.8Critical
CVE-2020-171429.1Critical
support.microsoft.com/kb/4593465
support.microsoft.com/kb/4593466
support.microsoft.com/kb/4593467
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17132
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17144
nvd.nist.gov/vuln/detail/CVE-2020-17117
nvd.nist.gov/vuln/detail/CVE-2020-17132
nvd.nist.gov/vuln/detail/CVE-2020-17141
nvd.nist.gov/vuln/detail/CVE-2020-17142
nvd.nist.gov/vuln/detail/CVE-2020-17143
nvd.nist.gov/vuln/detail/CVE-2020-17144
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.343 Low
EPSS
Percentile
97.0%