Exchange: Útok na váš on-prem server

E

Jako CVE-2022-41040 a CVE-2022-41082 publikoval 30.9.2022 Microsoft zprávu Analyzing attacks using the Exchange vulnerabilities.

Microsoft is aware of limited targeted attacks using two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019. The first one, identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability, while the second one, identified as CVE-2022-41082, allows remote code execution (RCE) when Exchange PowerShell is accessible to the attacker.

This message is not associated with Microsoft 365 Roadmap.

...další obsah je k dispozici pouze pro registrované uživatele

Kategorie

Přihlášení

Zajímá Vás dění v Mainstreamu?

Informace o tom, co je nového, co chystáme a jak žijeme nejen v práci, ale i mimo ni, najdete na

Čeština‎EnglishFrançaisDeutschMagyarItaliano