

Rewterz Threat Advisory – CVE-2022-39327 – Microsoft Azure CLI Vulnerability
November 9, 2022
Rewterz Threat Advisory – CVE-2022-41119 – Microsoft Visual Studio Vulnerability
November 9, 2022
Rewterz Threat Advisory – CVE-2022-39327 – Microsoft Azure CLI Vulnerability
November 9, 2022
Rewterz Threat Advisory – CVE-2022-41119 – Microsoft Visual Studio Vulnerability
November 9, 2022Severity
High
Analysis Summary
CVE-2022-41080 CVSS:8.8
Microsoft Exchange Server could allow a remote authenticated attacker to gain elevated privileges on the system. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2022-41079 CVSS:8
Microsoft Exchange Server could allow a remote authenticated attacker to conduct spoofing attacks.
CVE-2022-41078 CVSS:8
Microsoft Exchange Server could allow a remote authenticated attacker to conduct spoofing attacks.
Impact
- Privilege Escalation
- Gain Access
Indicators Of Compromise
CVE
- CVE-2022-41051
- CVE-2022-41085
Affected Vendors
Microsoft
Affected Products
- Microsoft Exchange Server 2013 CU23
- Microsoft Exchange Server 2016 CU22
- Microsoft Exchange Server 2019 CU11
- Microsoft Exchange Server 2016 CU23
- Microsoft Exchange Server 2019 CU12
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.