Summary Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker. At this time, Microsoft is aware of limited …
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server Read More »
Source – Microsoft Security Response Center
All content and images belong to their respected owners, this article is curated for informational purposes only.