Multiple vulnerabilities in Microsoft Exchange Server

Description

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Microsoft Exchange can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited remotely to gain privileges.

Original advisories

• CVE-2022-30134

• CVE-2022-24516
• CVE-2022-21979
• CVE-2022-34692
• CVE-2022-21980
• CVE-2022-24477

Related products

• Microsoft-Exchange-Server

CVE list

• CVE-2022-30134
  high
• CVE-2022-24516
  critical
• CVE-2022-21979
  warning
• CVE-2022-34692
  high
• CVE-2022-21980
  critical
• CVE-2022-24477
  critical

KB list

• 5015322
• 5019076
• 5019077

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com