Microsoft Exchange Server 2019 Cumulative Update 6 vulnerabilities
14 known vulnerabilities affecting microsoft/microsoft_exchange_server_2019_cumulative_update_6.
Total CVEs
14
CISA KEV
4
actively exploited
Public exploits
2
Exploited in wild
4
Severity breakdown
CRITICAL3HIGH8MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-26855CRITICALCVSS 9.8KEVPoC≥ 15.02.0, < publication2021-03-03
CVE-2021-26855 [CRITICAL] CWE-918 CVE-2021-26855: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-26857HIGHCVSS 7.8KEV≥ 15.02.0, < publication2021-03-03
CVE-2021-26857 [HIGH] CWE-502 CVE-2021-26857: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-27065HIGHCVSS 7.8KEVPoC≥ 15.02.0, < publication2021-03-03
CVE-2021-27065 [HIGH] CWE-22 CVE-2021-27065: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2021-26858HIGHCVSS 7.8KEV≥ 15.02.0, < publication2021-03-03
CVE-2021-26858 [HIGH] CVE-2021-26858: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17132CRITICALCVSS 9.1≥ 15.02.0, < publication2020-12-10
CVE-2020-17132 [CRITICAL] CVE-2020-17132: Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17142CRITICALCVSS 9.1≥ 15.02.0, < publication2020-12-10
CVE-2020-17142 [CRITICAL] CVE-2020-17142: Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17117HIGHCVSS 7.2≥ 15.02.0, < publication2020-12-10
CVE-2020-17117 [MEDIUM] CVE-2020-17117: Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17141HIGHCVSS 8.4≥ 15.02.0, < publication2020-12-10
CVE-2020-17141 [HIGH] CVE-2020-17141: Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17143HIGHCVSS 8.8≥ 15.02.0, < publication2020-12-10
CVE-2020-17143 [HIGH] CVE-2020-17143: Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
cvelistv5nvd
CVE-2020-17084HIGHCVSS 8.8≥ 15.02.0, < publication2020-11-11
CVE-2020-17084 [HIGH] CWE-120 CVE-2020-17084: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17083MEDIUMCVSS 5.4≥ 15.02.0, < publication2020-11-11
CVE-2020-17083 [MEDIUM] CWE-79 CVE-2020-17083: Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
cvelistv5nvd
CVE-2020-17085MEDIUMCVSS 4.9≥ 15.02.0, < publication2020-11-11
CVE-2020-17085 [MEDIUM] CVE-2020-17085: Microsoft Exchange Server Denial of Service Vulnerability
Microsoft Exchange Server Denial of Service Vulnerability
cvelistv5nvd
CVE-2020-16969MEDIUMCVSS 6.5≥ 15.02.0, < publication2020-10-16
CVE-2020-16969 [HIGH] CVE-2020-16969: <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when ha
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.
To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning o
cvelistv5nvd
CVE-2020-16875HIGHCVSS 7.2≥ 15.02.0, < publication2020-09-11
CVE-2020-16875 [HIGH] CWE-74 CVE-2020-16875: <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validat
A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.
An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.
The
cvelistv5nvd