8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
5.2 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.8%
09/12/2023
High
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface.
Public exploits exist for this vulnerability.
Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft Exchange Server 2019 Cumulative Update 12
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-36777
CVE-2023-36744
CVE-2023-36757
CVE-2023-36756
CVE-2023-36745
ACE
CVE-2023-367775.7High
CVE-2023-367448.0Critical
CVE-2023-367578.0Critical
CVE-2023-367568.0Critical
CVE-2023-367458.0Critical
support.microsoft.com/kb/5026261
support.microsoft.com/kb/5030524
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36777
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36744
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36745
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36756
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36757
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36777
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
5.2 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.8%