Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 1998-01-01 |
Product | Exchange Server | Last view | 2024-02-13 |
Version | 2013 | Type | |
Update | cu2 | ||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.8 | 2024-02-13 | CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
8 | 2023-11-14 | CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8 | 2023-11-14 | CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability |
8 | 2023-11-14 | CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability |
8 | 2023-11-14 | CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability |
8 | 2023-10-10 | CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability |
5.7 | 2023-09-12 | CVE-2023-36777 | Microsoft Exchange Server Information Disclosure Vulnerability |
8 | 2023-09-12 | CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability |
8 | 2023-09-12 | CVE-2023-36756 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8 | 2023-09-12 | CVE-2023-36745 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8 | 2023-09-12 | CVE-2023-36744 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-08-08 | CVE-2023-38185 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8 | 2023-08-08 | CVE-2023-38182 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-08-08 | CVE-2023-38181 | Microsoft Exchange Server Spoofing Vulnerability |
8 | 2023-08-08 | CVE-2023-35388 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-08-08 | CVE-2023-35368 | Microsoft Exchange Remote Code Execution Vulnerability |
9.8 | 2023-08-08 | CVE-2023-21709 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
8.8 | 2023-06-14 | CVE-2023-32031 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8 | 2023-06-14 | CVE-2023-28310 | Microsoft Exchange Server Remote Code Execution Vulnerability |
7.2 | 2023-02-14 | CVE-2023-21710 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21707 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21706 | Microsoft Exchange Server Remote Code Execution Vulnerability |
8.8 | 2023-02-14 | CVE-2023-21529 | Microsoft Exchange Server Remote Code Execution Vulnerability |
7.8 | 2023-01-10 | CVE-2023-21764 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
7.8 | 2023-01-10 | CVE-2023-21763 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
32% (35) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
10% (11) | CWE-20 | Improper Input Validation |
5% (6) | CWE-787 | Out-of-bounds Write |
5% (6) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
5% (6) | CWE-200 | Information Exposure |
5% (6) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
3% (4) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
3% (4) | CWE-502 | Deserialization of Untrusted Data |
3% (4) | CWE-287 | Improper Authentication |
2% (3) | CWE-269 | Improper Privilege Management |
1% (2) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
1% (2) | CWE-399 | Resource Management Errors |
1% (2) | CWE-284 | Access Control (Authorization) Issues |
0% (1) | CWE-798 | Use of Hard-coded Credentials |
0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (1) | CWE-669 | Incorrect Resource Transfer Between Spheres |
0% (1) | CWE-665 | Improper Initialization |
0% (1) | CWE-476 | NULL Pointer Dereference |
0% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
0% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
0% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
0% (1) | CWE-310 | Cryptographic Issues |
0% (1) | CWE-307 | Improper Restriction of Excessive Authentication Attempts |
0% (1) | CWE-294 | Authentication Bypass by Capture-replay |
0% (1) | CWE-290 | Authentication Bypass by Spoofing |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-244 | Cross-Site Scripting via Encoded URI Schemes |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:82 | Microsoft RPC Denial of Service |
oval:org.mitre.oval:def:334 | Windows NNTP Memory Leak |
oval:org.mitre.oval:def:1022 | MS Exchange Server Broad Permissions in WinReg Registry Key |
oval:org.mitre.oval:def:30 | Microsoft SMTP Malformed BDAT Request Denial of Service |
oval:org.mitre.oval:def:477 | MS Exchange / OWA NTLM Authentication Vulnerability |
oval:org.mitre.oval:def:2016 | MS Exchange Server Cross-site Scripting Vulnerability |
oval:org.mitre.oval:def:5926 | Windows 2000 NNTP Component Buffer Overflow |
oval:org.mitre.oval:def:5070 | Windows NT NNTP Component Buffer Overflow |
oval:org.mitre.oval:def:5021 | Vulnerability in NNTP Could Allow Remote Code Execution |
oval:org.mitre.oval:def:4392 | Windows Server 2003 NNTP Component Buffer Overflow |
oval:org.mitre.oval:def:246 | Network News Transfer Protocol Buffer Overflow |
oval:org.mitre.oval:def:5509 | Exchange Server 2003 Routing Engine Buffer Overflow |
oval:org.mitre.oval:def:3460 | Exchange Server 2003 (Windows Server 2003, 64-Bit Edition) Routing Engine Buf... |
oval:org.mitre.oval:def:2300 | Exchange Server 2003 (INTERIM) Routing Engine Buffer Overflow |
oval:org.mitre.oval:def:4499 | OLE Component Input Validation Vulnerability (Windows XP) |
oval:org.mitre.oval:def:3568 | OLE Component Input Validation Vulnerability (Server / XP 2003) |
oval:org.mitre.oval:def:2917 | OLE Component Input Validation Vulnerability (Windows 2000) |
oval:org.mitre.oval:def:1180 | OLE Component Input Validation Vulnerability (32-bit XP,SP2) |
oval:org.mitre.oval:def:4032 | Exchange Server SMTP Buffer Overflow |
oval:org.mitre.oval:def:848 | Buffer Overflow in CDOSYS Message Processing (64-bit WinXP,SP1) |
oval:org.mitre.oval:def:581 | Buffer Overflow in CDOSYS Message Processing (Server 2003,SP1) |
oval:org.mitre.oval:def:1515 | Buffer Overflow in CDOSYS Message Processing (WinXP,SP2) |
oval:org.mitre.oval:def:1420 | Buffer Overflow in CDOSYS Message Processing (Win2K,SP4) |
oval:org.mitre.oval:def:1406 | Buffer Overflow in CDOSYS Message Processing (WinXP,SP1) |
oval:org.mitre.oval:def:1201 | Buffer Overflow in CDOEX Message Processing |
SAINT Exploits
Description | Link |
---|---|
Microsoft Exchange Server ProxyLogon vulnerability | More info here |
Microsoft Exchange X-LINK2STATE buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
69810 | Microsoft Exchange Server store.exe Malformed MAPI Request Infinite Loop Remo... |
64980 | Microsoft Outlook Web Access (OWA) URI id Parameter Information Disclosure |
64794 | Microsoft Multiple Products smtpsvc.dll DNS Implementation Predictable Transa... |
64793 | Microsoft Multiple Products smtpsvc.dll DNS Implementation ID Transaction Ver... |
63739 | Microsoft Windows SMTP / Exchange Server Malformed Command Sequence Remote In... |
63738 | Microsoft Windows SMTP / Exchange Server DNS Mail Exchanger (MX) Resource Rec... |
59886 | Microsoft Exchange Malformed Microsoft Remote Procedure Call (MSRPC) Remote DoS |
59808 | Microsoft Exchange Request Saturation License Exhaustion Remote DoS |
59258 | Microsoft Exchange ACL Modification Update Weakness |
58018 | Mdaemon MTA HELO Command Remote Overflow |
58016 | Ipswitch MTA HELO Command Remote Overflow |
51838 | Microsoft Exchange Server EMSMDB2 Invalid MAPI Command Remote DoS |
51837 | Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNE... |
49230 | Microsoft Outlook Web Access (OWA) exchweb/bin/redir.asp URL Variable Arbitra... |
46780 | Microsoft Outlook Web Access (OWA) HTML Parsing Unspecified XSS |
46779 | Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS |
34392 | Microsoft Exchange Server IMAP Literal Processing DoS |
34391 | Microsoft Exchange Server MIME Decoding Remote Code Execution |
34390 | Microsoft Exchange Server MODPROPS Malformed iCal DoS |
34389 | Microsoft Exchange Outlook Web Access (OWA) Attachment Script Injection |
27087 | Microsoft IIS SMTP Encapsulated SMTP Address Open Relay |
26441 | Microsoft Exchange Server Outlook Web Access HTML Parsing Unspecified XSS |
25338 | Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution |
22305 | Microsoft Outlook/Exchange TNEF Decoding Arbitrary Code Execution |
19905 | Microsoft Collaboration Data Objects Remote Overflow |
OpenVAS Exploits
id | Description |
---|---|
2012-12-12 | Name : MS Exchange Server Remote Code Execution Vulnerabilities (2784126) File : nvt/secpod_ms12-080.nasl |
2010-05-05 | Name : Microsoft Windows SMTP Server DNS spoofing vulnerability File : nvt/gb_ms_smtp_dns_spoofing_vulnerability.nasl |
2010-04-26 | Name : Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability File : nvt/gb_ms04_035.nasl |
2010-04-26 | Name : Windows NT NNTP Component Buffer Overflow File : nvt/gb_ms04_036.nasl |
2010-04-23 | Name : Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (... File : nvt/secpod_ms10-024.nasl |
2010-04-22 | Name : Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability File : nvt/gb_ms10_024.nasl |
2009-02-11 | Name : Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) File : nvt/secpod_ms09-003.nasl |
2008-08-22 | Name : Outlook Web Access for Exchange Server Elevation of Privilege (953747) File : nvt/secpod_ms08-039_900007.nasl |
2006-03-26 | Name : Microsoft's SQL Version Query File : nvt/mssql_version.nasl |
2005-11-03 | Name : Microsoft Exchange Public Folders Information Leak File : nvt/exchange_public_folders_information_leak.nasl |
2005-11-03 | Name : Exchange XEXCH50 Remote Buffer Overflow File : nvt/exchange_xexch50_overflow.nasl |
2005-11-03 | Name : Outlook Web anonymous access File : nvt/owa-anonymous.nasl |
2005-11-03 | Name : Outlook Web Access URL Injection File : nvt/owa_sqlinject.nasl |
2005-11-03 | Name : Exchange 2000 Exhaust CPU Resources (Q320436) File : nvt/smb_nt_ms02-025.nasl |
2005-11-03 | Name : Vulnerability in Exchange Server 5.5 Outlook Web Access XSS (842436) File : nvt/smb_nt_ms04-026.nasl |
2005-11-03 | Name : IMC SMTP EHLO Buffer Overrun File : nvt/smtp_ms02-037.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-B-0109 | Multiple Vulnerabilities in Microsoft Exchange Server (MS15-103) Severity: Category II - VMSKEY: V0061367 |
2015-A-0049 | Multiple Vulnerabilities in Microsoft Exchange Server (MS15-026) Severity: Category II - VMSKEY: V0058991 |
2014-A-0186 | Multiple Vulnerabilities in Microsoft Exchange Server (MS14-075) Severity: Category II - VMSKEY: V0057713 |
2013-A-0231 | Multiple Vulnerabilities in Microsoft Exchange Server Severity: Category I - VMSKEY: V0042592 |
2010-B-0107 | Microsoft Exchange Server Denial of Service Vulnerability Severity: Category II - VMSKEY: V0025857 |
2010-B-0029 | Multiple Vulnerabilities in Microsoft Exchange and Windows SMTP Service Severity: Category II - VMSKEY: V0023955 |
2009-A-0013 | Multiple Remote Code Execution Vulnerabilities in Microsoft Exchange Severity: Category I - VMSKEY: V0018388 |
2008-T-0033 | Multiple Vulnerabilities in Microsoft Outlook Web Access Severity: Category II - VMSKEY: V0016150 |
2007-A-0031 | Multiple Vulnerabilities in Microsoft Exchange Severity: Category I - VMSKEY: V0014220 |
2006-A-0003 | Microsoft Outlook and Exchange TNEF Decoding Vulnerability Severity: Category I - VMSKEY: V0011719 |
2005-A-0001 | Multiple Vulnerabilities in Microsoft Windows Severity: Category I - VMSKEY: V0005996 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Exchange Server 5.5 mime DOS RuleID : 658-community - Type : SERVER-MAIL - Revision : 19 |
2014-01-10 | Microsoft Windows Exchange Server 5.5 mime DOS RuleID : 658 - Type : SERVER-MAIL - Revision : 19 |
2021-01-07 | Microsoft Exchange Server 2010 deserialization attempt RuleID : 56554 - Type : SERVER-OTHER - Revision : 1 |
2020-10-27 | Microsoft Exchange Server DlpUtils remote code execution attempt RuleID : 55826 - Type : SERVER-WEBAPP - Revision : 1 |
2020-04-07 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53383 - Type : SERVER-WEBAPP - Revision : 1 |
2020-04-07 | Microsoft Exchange Control Panel static viewstate key use attempt RuleID : 53382 - Type : SERVER-WEBAPP - Revision : 1 |
2020-04-07 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53381 - Type : SERVER-WEBAPP - Revision : 2 |
2020-04-07 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53380 - Type : SERVER-WEBAPP - Revision : 1 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53351 - Type : SERVER-WEBAPP - Revision : 2 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53350 - Type : SERVER-WEBAPP - Revision : 3 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53349 - Type : SERVER-WEBAPP - Revision : 2 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53348 - Type : SERVER-WEBAPP - Revision : 3 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53347 - Type : SERVER-WEBAPP - Revision : 2 |
2020-03-31 | Microsoft Exchange Control Panel remote code execution attempt RuleID : 53346 - Type : SERVER-WEBAPP - Revision : 3 |
2020-03-10 | Microsoft Windows Exchange Server remote privilege escalation attempt RuleID : 53063 - Type : POLICY-OTHER - Revision : 1 |
2019-11-21 | Microsoft Exchange Server PushSubscriptionRequest setup attempt RuleID : 51966 - Type : POLICY-OTHER - Revision : 1 |
2019-03-12 | NTLM authentication relay attempt RuleID : 49171 - Type : OS-WINDOWS - Revision : 1 |
2019-03-09 | Microsoft Exchange Server NTLM relay attack attempt RuleID : 49100 - Type : SERVER-OTHER - Revision : 2 |
2018-05-08 | Microsoft Windows Defender malformed RAR memory corruption attempt RuleID : 46164 - Type : FILE-OTHER - Revision : 1 |
2018-05-08 | Microsoft Windows Defender malformed RAR memory corruption attempt RuleID : 46163 - Type : FILE-OTHER - Revision : 1 |
2014-01-10 | X-LINK2STATE CHUNK command attempt RuleID : 3627 - Type : SERVER-MAIL - Revision : 14 |
2015-05-21 | Oracle CorelDRAW file parser heap buffer overflow attempt RuleID : 34142 - Type : SERVER-OTHER - Revision : 3 |
2015-05-21 | Oracle CorelDRAW file parser heap buffer overflow attempt RuleID : 34141 - Type : SERVER-OTHER - Revision : 3 |
2015-04-14 | Microsoft Exchange UM Management user stored XSS attempt RuleID : 33811 - Type : SERVER-MAIL - Revision : 3 |
2015-04-14 | Microsoft Exchange Server custom DLP policy name cross-site scripting attempt RuleID : 33810 - Type : SERVER-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-04-04 | Name: An antimalware application installed on the remote host is affected by a remo... File: microsoft_mpeng_1_1_14700_5.nasl - Type: ACT_GATHER_INFO |
2018-04-03 | Name: The remote mail server is affected by a denial of service vulnerability. File: exchange_ms10-106.nasl - Type: ACT_GATHER_INFO |
2018-04-03 | Name: The remote mail server may be affected by multiple vulnerabilities. File: exchange_ms10-024.nasl - Type: ACT_GATHER_INFO |
2018-04-03 | Name: Arbitrary code can be executed on the remote host through the email server. File: exchange_ms09-003.nasl - Type: ACT_GATHER_INFO |
2017-12-12 | Name: The Microsoft Exchange Server installed on the remote host is missing a secur... File: smb_nt_ms17_dec_exchange.nasl - Type: ACT_GATHER_INFO |
2017-09-12 | Name: The Microsoft Exchange Server installed on the remote host is affected by mul... File: smb_nt_ms17_sep_exchange.nasl - Type: ACT_GATHER_INFO |
2017-07-13 | Name: The remote Microsoft Exchange Server is affected by multiple vulnerabilities. File: smb_nt_ms17_jul_4018588.nasl - Type: ACT_GATHER_INFO |
2017-03-15 | Name: The remote Microsoft Exchange Server is affected by multiple vulnerabilities. File: smb_nt_ms17-015.nasl - Type: ACT_GATHER_INFO |
2016-09-13 | Name: The remote Microsoft Exchange Server is affected by multiple vulnerabilities. File: smb_nt_ms16-108.nasl - Type: ACT_GATHER_INFO |
2016-01-13 | Name: The remote Microsoft Exchange server is affected by multiple spoofing vulnera... File: smb_nt_ms16-010.nasl - Type: ACT_GATHER_INFO |
2015-09-10 | Name: The remote Microsoft Exchange server is affected by multiple information disc... File: smb_nt_ms15-103.nasl - Type: ACT_GATHER_INFO |
2015-06-10 | Name: The remote Microsoft Exchange server is affected by multiple vulnerabilities. File: smb_nt_ms15-064.nasl - Type: ACT_GATHER_INFO |
2015-03-10 | Name: The remote Microsoft Exchange server is affected by multiple vulnerabilities. File: smb_nt_ms15-026.nasl - Type: ACT_GATHER_INFO |
2014-12-09 | Name: The remote mail server is affected by multiple vulnerabilities. File: smb_nt_ms14-075.nasl - Type: ACT_GATHER_INFO |
2013-12-11 | Name: The remote mail server has multiple vulnerabilities. File: smb_nt_ms13-105.nasl - Type: ACT_GATHER_INFO |
2013-02-12 | Name: The remote mail server has multiple vulnerabilities. File: smb_nt_ms13-012.nasl - Type: ACT_GATHER_INFO |
2012-12-11 | Name: The remote mail server has multiple vulnerabilities. File: smb_nt_ms12-080.nasl - Type: ACT_GATHER_INFO |
2010-12-15 | Name: The remote mail server has a denial of service vulnerability. File: smb_nt_ms10-106.nasl - Type: ACT_GATHER_INFO |
2010-07-26 | Name: The remote web server is prone to cross-site scripting attacks. File: torture_cgi_cross_site_scripting2.nasl - Type: ACT_ATTACK |
2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smtp_kb981832.nasl - Type: ACT_GATHER_INFO |
2010-04-13 | Name: The remote mail server may be affected by multiple vulnerabilities. File: smb_nt_ms10-024.nasl - Type: ACT_GATHER_INFO |
2009-02-11 | Name: Arbitrary code can be executed on the remote host through the email server. File: smb_nt_ms09-003.nasl - Type: ACT_GATHER_INFO |
2008-07-08 | Name: The remote web server is vulnerable to cross-site scripting issues. File: smb_nt_ms08-039.nasl - Type: ACT_GATHER_INFO |
2007-05-08 | Name: Arbitrary code can be executed on the remote host through the email server. File: smb_nt_ms07-026.nasl - Type: ACT_GATHER_INFO |
2007-03-28 | Name: It is possible to crash the mail service. File: smb_nt_ms02-012.nasl - Type: ACT_GATHER_INFO |