CVE-2023-38181

CWE-502 — Deserialization of Untrusted Data CWE-416 — Use After Free3 documents3 sources

Severity

8.8HIGH

No vector

EPSS

23.0%

top 4.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

3

Microsoft Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Microsoft Exchange Server 2019 Cumulative Update 13

Timeline

PublishedAug 8

Description

Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server Spoofing Vulnerability

Affected Packages3 packages

▶CVEListV5microsoft/microsoft_exchange_server_2016_cumulative_update_2315.01.0 — 15.01.2507.032

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_1215.02.0 — 15.02.1118.037

▶CVEListV5microsoft/microsoft_exchange_server_2019_cumulative_update_1315.02.0 — 15.02.1258.025

🔴Vulnerability Details

1

CVEList

Microsoft Exchange Server Spoofing Vulnerability↗2023-08-08

▶

📋Vendor Advisories

2

Microsoft

Microsoft Exchange Server Spoofing Vulnerability↗2023-08-08

▶

CISA

Arm Mali GPU Kernel Driver Use-After-Free Vulnerability↗2023-03-30

▶