CVE-2022-29901

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-29901 is a vulnerability found in the Microsoft Exchange Server that could allow an attacker to execute arbitrary code with SYSTEM privileges. This vulnerability is caused by improper validation of user-supplied input within the web management interface of the Microsoft Exchange Server. The exploitation of this flaw could enable attackers to gain access to sensitive information, install malware, modify data, and create new accounts with full user rights. The vulnerability was discovered on April 12, 2022, by researchers from the Qihoo 360 Vulcan team. Microsoft released security updates to address this vulnerability on May 10, 2022, as part of its monthly patch update. It is highly recommended that all users of the affected software apply these patches as soon as possible to prevent exploitation of the vulnerability. This vulnerability has been rated as critical by both Microsoft and the National Vulnerability Database (NVD) due to the potential for attackers to gain full control of the vulnerable system. Organizations should take immediate action to ensure their systems are protected against this vulnerability by installing the necessary security updates provided by Microsoft.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-29901 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Ubuntu 5883-1: Linux kernel (HWE) vulnerabilities | LinuxSecurity.com
CERT-EU
a year ago
Ubuntu update for linux-hwe