CVE-2022-41082

Microsoft Exchange Server Remote Code Execution Vulnerability
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*

History

21 Nov 2024, 07:22

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082 - Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082 - Patch, Vendor Advisory
References () https://www.kb.cert.org/vuls/id/915563 - Third Party Advisory, US Government Resource () https://www.kb.cert.org/vuls/id/915563 - Third Party Advisory, US Government Resource
References () https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/ - Third Party Advisory () https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/ - Third Party Advisory

28 Jun 2024, 14:00

Type Values Removed Values Added
References () https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/ - () https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/ - Third Party Advisory

20 Dec 2023, 20:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8
v2 : unknown
v3 : 8.0
Summary Microsoft Exchange Server Remote Code Execution Vulnerability. Microsoft Exchange Server Remote Code Execution Vulnerability

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE NVD-CWE-noinfo CWE-502

Information

Published : 2022-10-03 01:15

Updated : 2024-11-21 07:22


NVD link : CVE-2022-41082

Mitre link : CVE-2022-41082

CVE.ORG link : CVE-2022-41082


JSON object : View

Products Affected

microsoft

  • exchange_server
CWE
CWE-502

Deserialization of Untrusted Data