5 matches found
Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
Hello everyone! This episode will be about relatively recent critical vulnerabilities. Lets start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didnt get there. Autodiscover leak discovered by Guardicore Labs "Autodiscover, a...
CVE-2021-41348
Microsoft Exchange Server Elevation of Privilege Vulnerability...
CVE-2021-41348 Microsoft Exchange Server Elevation of Privilege Vulnerability
...
CVE-2021-41348
CVE-2021-41348 is an Elevation of Privilege vulnerability affecting Microsoft Exchange Server. It is addressed by the October 2021 security update KB5007012 (Exchange Server 2019 CU11/CU10 and 2016 CU22/CU21). CVSSv3.1 base score is 8.0 (HIGH) with adjacent attack vector, low attack complexity, l...
KLA12314 Multiple vulnerabilities in Microsoft Server Software
Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...