CVE-2023-38185
published 2023-08-08
CVE-2023-38185: Microsoft Exchange Server Remote Code Execution Vulnerability
Priority: P3 · 58 · high · 8.8 · CVSS 3.1
AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 2.56% (83.1th percentile)
Microsoft Exchange Server Remote Code Execution Vulnerability
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
| microsoft | microsoft_exchange_server_2016_cumulative_update_23 | >= 15.01.0 < 15.01.2507.032 | 15.01.2507.032 |
| microsoft | microsoft_exchange_server_2019_cumulative_update_12 | >= 15.02.0 < 15.02.1118.037 | 15.02.1118.037 |
| microsoft | microsoft_exchange_server_2019_cumulative_update_13 | >= 15.02.0 < 15.02.1258.025 | 15.02.1258.025 |
| msrc | microsoft_exchange_server_2016_cumulative_update_23 | — | — |
| msrc | microsoft_exchange_server_2019_cumulative_update_12 | — | — |
| msrc | microsoft_exchange_server_2019_cumulative_update_13 | — | — |
CVSS provenance
nvd · v3.1 · 8.8 · HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc · 8.8 · HIGH
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability
vendor_msrc·2023-08-08·CVSS 8.8
CVE-2023-38185 [CRITICAL] CWE-23 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is none (UI:N). What is the target used in the context of the remote code execution?
The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call.
FAQ: According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?
Yes, the attacker must be authenticated.
FAQ: How could an attacker exploit this vulnerability?
In a network-based attack, an attacker could trigger mali
GHSA
GHSA-j5pp-wfmg-q9jp: Microsoft Exchange Server Remote Code Execution Vulnerability
ghsa_unreviewed·2023-08-08
CVE-2023-38185 [HIGH] GHSA-j5pp-wfmg-q9jp: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
No detection rules found.
No public exploits indexed.
Talos
Six critical vulnerabilities included in August’s Microsoft security update
blogs_talos·2023-08-08·CVSS 8.8
[HIGH] Six critical vulnerabilities included in August’s Microsoft security update
Microsoft disclosed 73 vulnerabilities across its suite of products and software Tuesday, including six that are considered “critical.”
One of the vulnerabilities, which Microsoft considers to be only of "moderate" severity, has been actively exploited in the wild. The company has had to address many zero-day vulnerabilities in its monthly security updates this year, including four last month and one in May. Microsoft also released an advisory detailing changes to its defense-in-depth model to defend against tactics adversaries are currently using in the wild.
Outside of the six critical issues, two are considered to be of “moderate” severity, while the remainder are listed as “important.”
Two of the critical vulnerabilities lie in Microsoft Teams, the company’s popular collaboration an
Tenable
Microsoft’s August 2023 Patch Tuesday Addresses 73 CVEs (CVE-2023-38180)
blogs_tenable·2023-08-08·CVSS 7.5
[HIGH] Microsoft’s August 2023 Patch Tuesday Addresses 73 CVEs (CVE-2023-38180)
Published: 2023-08-08