Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability | ||
CVE name | CVE-2023-21529 | |
Severity/CVSS Score | High | CVSS:8.8 |
Exploitation Status | Exploited in the Wild | |
Description | remote code execution vulnerability associated with Ransomware in Microsoft Exchange Server due to improper input validation.
A remote user can send a specially crafted request and execute arbitrary code in the context of the server’s account. Successful exploitation of this vulnerability may result in the complete compromise of vulnerable system | |
Affected Versions/Products | Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 11 Microsoft Exchange Server 2019 Cumulative Update 12 | |
Solutions | it is recommended to patch | |