CVE-2022-21855Microsoft Exchange Server 2013 Cumulative Update 23 vulnerability

14 documents5 sources
Severity
9.0CRITICALNVD
EPSS
1.5%
top 18.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Microsoft Exchange Server 2013 Cumulative Update 23Microsoft Exchange Server 2016 Cumulative Update 21Microsoft Exchange Server 2016 Cumulative Update 22+3 more
Timeline
PublishedJan 11
Latest updateJan 12

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages6 packages

🔴Vulnerability Details

12
OSV
linux-iot vulnerabilities2026-01-12
OSV
linux-kvm vulnerabilities2026-01-09
OSV
linux-raspi, linux-raspi-5.4 vulnerabilities2026-01-06
OSV
linux-raspi vulnerabilities2025-12-19
OSV
linux-oracle-5.4 vulnerabilities2025-12-19

📋Vendor Advisories

1
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability2022-01-11
CVE-2022-21855 — Microsoft vulnerability | cvebase