Remote Code Execution Vulnerability Affects Microsoft Exchange Server

CVE-2024-26198
8.8HIGH

Key Information

Vendor
Microsoft
Status
Microsoft Exchange Server 2019 Cumulative Update 14
Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft Exchange Server 2016 Cumulative Update 23
Vendor
CVE Published:
12 March 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected Version(s)

Microsoft Exchange Server 2019 Cumulative Update 14 < 15.02.1258.034

Microsoft Exchange Server 2019 Cumulative Update 13 < 15.02.1544.011

Microsoft Exchange Server 2016 Cumulative Update 23 < 15.01.2507.039

News Articles

favicon imageHelp Net Security

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns - Help Net Security

At least 17,000 instances of Microsoft Exchange servers in Germany - and likely more of them - are vulnerable to one or more critical flaws.

6 months ago

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • 👾

    Exploit exists.

  • First article discovered by Help Net Security

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed0 Proof of Concept(s)1 News Article(s)
.