CVE-2023-36757

CWE-502 — Deserialization of Untrusted Data2 documents2 sources

Severity

8.0HIGH

No vector

EPSS

0.2%

top 52.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

3

Microsoft Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Microsoft Exchange Server 2019 Cumulative Update 13

Timeline

PublishedSep 12

Description

Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Spoofing Vulnerability

Affected Packages3 packages

▶CVEListV5microsoft/microsoft_exchange_server_2016_cumulative_update_2315.01.0 — 15.01.2507.032

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_1215.02.0 — 15.02.1118.037

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_1315.02.0 — 15.02.1258.025

🔴Vulnerability Details

1

CVEList

Microsoft Exchange Server Spoofing Vulnerability↗2023-09-12

▶

📋Vendor Advisories

1

Microsoft

Microsoft Exchange Server Spoofing Vulnerability↗2023-09-12

▶