Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

🗓️ 30 Sep 2022 21:00:16Reported by Unknown ([email protected])Type 
talosblog
 talosblog🔗 blog.talosintelligence.com👁 274 Views

Microsoft warns of actively exploited vulnerabilities in Exchange Server. Cisco Talos released new coverage to detect and prevent "ProxyNotShell" affecting Microsoft Exchange Servers 2013, 2016 and 2019. Two vulnerabilities, CVE-2022-41040 (SSRF) and CVE-2022-41082 (RCE), have been disclosed. Microsoft provided mitigations but no fixes yet. Exploitation leads to information-gathering and WebShells deployment

Show more
Related
ReporterTitlePublishedViews
Family
Qualys Blog		Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform
30 Sep 202223:25
qualysblog
Qualys Blog		Qualys Research Team: Threat Thursdays, October 2022
28 Oct 202200:58
qualysblog
Qualys Blog		Safeguard Your Organization this Holiday Season with Endpoint Security from Qualys
26 Oct 202313:04
qualysblog
Qualys Blog		October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical.
11 Oct 202220:00
qualysblog
Qualys Blog		November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases Zero Advisories (for the first time in six years).
8 Nov 202221:00
qualysblog
Qualys Blog		Defense Lessons From the Black Basta Ransomware Playbook
25 Feb 202518:18
qualysblog
Talos Blog		Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole
6 Oct 202218:00
talosblog
Talos Blog		Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole
6 Oct 202218:00
talosblog
Talos Blog		Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server
30 Sep 202221:16
talosblog
The Hacker News		State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
1 Oct 202206:36
thn
Rows per page

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
30 Sep 2022 21:16Current
0.1Low risk
Vulners AI Score0.1
EPSS0.94265
microsoft threat advisoryproxynotshellcisco talosexchange servercve-2022-41040cve-2022-41082ssrfrcewebshellsexploitation
274
.json
Report