CVE-2018-8302
Description
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka Microsoft Exchange Memory Corruption Vulnerability. This affects Microsoft Exchange Server.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
42.711
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2013 CU20 (KB4340731) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2016 CU10 (KB4340731) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2013 CU21 (KB4340731) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange 2010 SP3 (KB4340733) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-25132 | Security Update For Exchange Server 2013 CU20 (KB4340731) |
| PATCH-25133 | Security Update For Exchange Server 2016 CU10 (KB4340731) |
| PATCH-25134 | Security Update For Exchange Server 2013 CU21 (KB4340731) |
| PATCH-25131 | Update Rollup 23 For Exchange 2010 SP3 (KB4340733) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234