Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

[email protected]NVD:CVE-2022-41082

HistoryOct 03, 2022 - 1:15 a.m.

CVE-2022-41082

Vulners
Nvd
CVE-2022-41082

2022-10-0301:15:08

CWE-502

[email protected]

web.nvd.nist.gov

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.216 Low

EPSS

Percentile

96.5%

JSON

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected configurations

NVD

Node

microsoftexchange_serverMatch2013cumulative_update_23

microsoftexchange_serverMatch2016cumulative_update_22

microsoftexchange_serverMatch2016cumulative_update_23

microsoftexchange_serverMatch2019cumulative_update_11

microsoftexchange_serverMatch2019cumulative_update_12

References

packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082

www.kb.cert.org/vuls/id/915563

www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/

githubexploit 24

cnvd 1

zdi 31

prion 1

cvelist 1

cve 1

mscve 1

rapid7blog 6

thn 11

cisa 1

checkpoint_advisories 1

wordfence 1

msrc 3

cisa_kev 3

mssecure 1

nessus 3

packetstorm 1

qualysblog 5

hackread 1

krebs 2

malwarebytes 4

attackerkb 2

wizblog 1

hivepro 1

talosblog 4

kaspersky 1

akamaiblog 1

metasploit 1

mmpc 1

cert 1

impervablog 1

ics 2

securelist 2

mskb 1

trellix 2

avleonov 3

githubexploit

Exploit for CVE-2022-41082

2022-10-03 05:57:11

Exploit for Deserialization of Untrusted Data in Microsoft

2022-12-22 09:35:26

Exploit for Deserialization of Untrusted Data in Microsoft

2023-03-22 20:04:07

cnvd

Microsoft Exchange Server Remote Code Execution Vulnerability (CNVD-2022-67838)

2022-10-08 00:00:00

zdi

Microsoft Exchange DumpDataReader Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

Microsoft Exchange FileConfigurationSource Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

Microsoft Exchange G711Reader Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

prion

Remote code execution

2022-10-03 01:15:00

cvelist

CVE-2022-41082 Microsoft Exchange Server Remote Code Execution Vulnerability

2022-10-03 00:00:00

cve

CVE-2022-41082

2022-10-03 01:15:08

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2022-09-30 07:00:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-12-02 21:00:13

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

2022-12-21 17:35:17

CVE-2022-41040 and CVE-2022-41082: Unpatched Zero-Day Vulnerabilities in Microsoft Exchange Server

2022-09-29 20:50:50

thn

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

2022-09-30 09:01:00

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds

2022-10-05 05:31:00

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

2022-10-08 05:13:00

cisa

Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server

2022-09-30 00:00:00

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2022-41082; CVE-2022-41040)

2022-10-03 00:00:00

wordfence

Two Weeks of Monitoring ProxyNotShell (CVE-2022-41040 & CVE-2022-41082) Threat Activity

2022-10-19 16:01:59

msrc

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 07:00:00

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 06:55:00

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 07:00:00

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2022-09-30 00:00:00

Microsoft Exchange Server Server-Side Request Forgery Vulnerability

2022-09-30 00:00:00

Microsoft Exchange Server Privilege Escalation Vulnerability

2023-01-10 00:00:00

mssecure

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-10-01 04:21:00

nessus

Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)

2022-10-05 00:00:00

Potential exposure to Microsoft Exchange CVE-2022-41040 / CVE-2022-41082 Exploit

2022-10-03 00:00:00

Security Updates for Microsoft Exchange Server (Nov 2022)

2022-11-11 00:00:00

packetstorm

Microsoft Exchange ProxyNotShell Remote Code Execution

2022-11-30 00:00:00

qualysblog

Safeguard Your Organization this Holiday Season with Endpoint Security from Qualys

2023-10-26 13:04:00

Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform

2022-09-30 23:25:55

Qualys Research Team: Threat Thursdays, October 2022

2022-10-28 00:58:53

hackread

Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers

2022-09-30 17:56:35

krebs

Microsoft: Two New 0-Day Flaws in Exchange Server

2022-09-30 16:51:57

Patch Tuesday, November 2022 Election Edition

2022-11-09 01:50:14

malwarebytes

[updated]Two new Exchange Server zero-days in the wild

2022-09-30 13:00:00

Ransomware in December 2022

2023-02-01 17:15:00

Rackspace confirms it suffered a ransomware attack

2022-12-08 12:00:00

attackerkb

CVE-2022-41080

2022-11-09 00:00:00

CVE-2022-41082

2022-10-03 00:00:00

wizblog

OWASSRF, a new exploit for Exchange vulnerabilities, exploited in the wild: everything you need to know

2022-12-22 18:10:48

hivepro

Unpatched zero-day vulnerabilities of Microsoft Exchange Server

2022-09-30 10:21:56

talosblog

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

2022-09-30 21:16:00

Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole

2022-10-06 18:00:00

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

2022-09-30 21:16:00

kaspersky

KLA19264 Multiple vulnerabilities in Microsoft Server Software

2022-09-30 00:00:00

akamaiblog

Akamai?s Response to Zero-Day Vulnerabilities in Microsoft Exchange Server (CVE-2022-41040 and CVE-2022-41082)

2022-10-03 09:00:00

metasploit

Microsoft Exchange ProxyNotShell RCE

2022-11-18 22:00:27

mmpc

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-10-01 04:21:00

cert

Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

2022-10-03 00:00:00

impervablog

Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-09-30 16:47:34

ics

#StopRansomware: Play Ransomware

2023-12-18 12:00:00

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

securelist

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

2022-12-19 16:15:49

IT threat evolution in Q3 2022. Non-mobile statistics

2022-11-18 08:10:34

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: November 8, 2022 (KB5019758)

2022-11-08 08:00:00

trellix

The Bug Report October 2022 Edition

2022-11-02 00:00:00

The Bug Report October 2022 Edition

2022-11-02 00:00:00

avleonov

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

2022-10-29 08:37:59

Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler

2022-11-25 20:56:48

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

2023-06-25 00:35:58

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.216 Low

EPSS

Percentile

96.5%

JSON

Related for NVD:CVE-2022-41082

githubexploit24 cnvd1 zdi31 prion1 cvelist1 cve1 mscve1 rapid7blog6 thn11 cisa1 checkpoint_advisories1 wordfence1 msrc3 cisa_kev3 mssecure1 nessus3 packetstorm1 qualysblog5 hackread1 krebs2 malwarebytes4 attackerkb2 wizblog1 hivepro1 talosblog4 kaspersky1 akamaiblog1 metasploit1 mmpc1 cert1 impervablog1 ics2 securelist2 mskb1 trellix2 avleonov3