Lucene search

K
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EXCHANGE_CVE-2022-41040_IOC.NBIN
HistoryOct 03, 2022 - 12:00 a.m.

Potential exposure to Microsoft Exchange CVE-2022-41040 / CVE-2022-41082 Exploit

2022-10-0300:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
438
microsoft exchange
cve-2022-41040
cve-2022-41082
exploit
binary data
scanner

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.952

Percentile

99.4%

This plugin detects the potential presence of a web shell in selected directories and this can be indicative that the host might have been exploited with CVE-2022-41040 / CVE-2022-41082. It is recommended that the results are manually verified and appropriate remediation actions taken.

Note that Nessus has not tested for this issue but has instead looked for files that could potentially indicate compromise.

Binary data exchange_cve-2022-41040_ioc.nbin

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.952

Percentile

99.4%