KLA11420
Multiple vulnerabilities in Microsoft Exchange Server
Обновлено: 26/06/2019
Дата обнаружения
12/02/2019
Уровень угрозы
High
Описание

Multiple elevation of privilege vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges.

Пораженные продукты

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 26
Microsoft Exchange Server 2016 Cumulative Update 12
Microsoft Exchange Server 2013 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2019-0724
CVE-2019-0686
ADV190004
Оказываемое влияние
?
PE 
[?]
Связанные продукты
Microsoft Exchange Server
CVE-IDS
CVE-2019-07248.1Critical
CVE-2019-06867.4High
KB list

4471391
4471392
4487052
4345836

Microsoft official advisories
Microsoft Security Update Guide