Lucene search

KLA20042 Multiple vulnerabilities in Microsoft Server Software

🗓️ 08 Nov 2022 00:00:00Reported by Kaspersky LabType

kaspersky🔗 threats.kaspersky.com👁 41 Views

Multiple vulnerabilities in Microsoft Server Software, including spoofing and privilege escalation. Public exploits exist. Impacts Microsoft Exchange Server. Install updates from KB5019758 in Windows Update. Affected products include Microsoft Exchange Server 2019 and 2016.

Reporter	Title	Published	Views	Family All 52
Tenable Nessus	Security Updates for Microsoft Exchange Server (Nov 2022)	11 Nov 202200:00	–	nessus
Microsoft KB	Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: November 8, 2022 (KB5019758)	8 Nov 202208:00	–	mskb
CNVD	Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2023-51378)	10 Nov 202200:00	–	cnvd
CNVD	Microsoft Exchange Server Spoofing Vulnerability (CNVD-2023-72231)	10 Nov 202200:00	–	cnvd
CNVD	Microsoft Exchange Server Spoofing Vulnerability (CNVD-2023-72230)	10 Nov 202200:00	–	cnvd
CNVD	Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2022-89608)	10 Nov 202200:00	–	cnvd
Zero Day Initiative	Microsoft Exchange ApprovedApplication Exposed Dangerous Function Information Disclosure Vulnerability	21 Nov 202200:00	–	zdi
Zero Day Initiative	Microsoft Exchange GetTorusCmdletConfigurationEntries Uncontrolled Search Path Element Local Privilege Escalation Vulnerability	21 Nov 202200:00	–	zdi
Zero Day Initiative	Microsoft Exchange TorusTryAccessCheck Uncontrolled Search Path Element Local Privilege Escalation Vulnerability	21 Nov 202200:00	–	zdi
Zero Day Initiative	Microsoft Exchange SerializationTypeConverter Deserialization of Untrusted Data Information Disclosure Vulnerability	21 Nov 202200:00	–	zdi

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41078
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41079
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41123
threats	www.threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
support	www.support.microsoft.com/kb/5019758
statistics	www.statistics.securelist.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Nov 2022 00:00Current

9.1High risk

Vulners AI Score9.1

CVSS38.8

EPSS0.07503