CVE-2022-41080

Warnung

EPSS 93.74%
Veröffentlicht 09.11.2022 22:15:21
Zuletzt bearbeitet 18.02.2025 15:01:39
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Microsoft Exchange Server Elevation of Privilege Vulnerability

Betroffene Produkte Warnungen 1 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2013 Updatecumulative_update_23

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_22

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_23

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_11

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_12

10.01.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Exchange Server Privilege Escalation Vulnerability

Schwachstelle

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation. This vulnerability is chainable with CVE-2022-41082, which allows for remote code execution.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.74%	0.999

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-41080

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-41080

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-41080

EUVD