KLA11664
Multiple vulnerabilities in Microsoft Exchange Server

Обновлено: 18/01/2022

Дата обнаружения	11/02/2020
Уровень угрозы	High
Описание	Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited remotely to gain privileges. A memory corruption vulnerability in Microsoft Exchange can be exploited remotely via specially crafted email to execute arbitrary code.
Эксплуатация	Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Пораженные продукты	Microsoft Exchange Server 2016 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 15 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30 Microsoft Exchange Server 2019 Cumulative Update 4 Microsoft Exchange Server 2019 Cumulative Update 3
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2020-0692 CVE-2020-0688
Оказываемое влияние ?	ACE [?] PE [?]
Связанные продукты	Microsoft Exchange Server
CVE-IDS	CVE-2020-06926.8High CVE-2020-06889.0Critical
KB list	4536988 4536989 4536987

KLA11664Multiple vulnerabilities in Microsoft Exchange Server