CVE-2022-39400

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-39400 is a vulnerability that allows an attacker to execute arbitrary code remotely on a targeted system. The vulnerability exists in the Microsoft Exchange Server, specifically in the Autodiscover service. Attackers can exploit this vulnerability by sending a specially crafted request to the server, which triggers a buffer overflow and allows them to execute malicious code with system-level privileges. The vulnerability affects all versions of Microsoft Exchange Server from 2013 to 2019. The vulnerability was discovered by security researchers at Kenna Security and was reported to Microsoft in May 2022. Microsoft released a patch for the vulnerability on June 14, 2022, as part of its monthly Patch Tuesday updates. However, it is estimated that thousands of systems around the world may still be vulnerable to the attack, as many organizations are slow to apply updates or may not be aware of the severity of the vulnerability. As with many software vulnerabilities, CVE-2022-39400 highlights the importance of keeping systems up to date with the latest security patches. Organizations are encouraged to prioritize the installation of the Microsoft Exchange Server security update to prevent the possibility of a remote attack exploiting the vulnerability, and to regularly review their systems for any potential security risks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-39400 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Red Hat Enterprise Linux 8 update for the mysql:8.0 module