CVE-2020-0688
Description
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka Microsoft Exchange Memory Corruption Vulnerability.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.396
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2013 CU23 (KB4536988) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2019 CU3 (KB4536987) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2016 CU14 (KB4536987) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2016 CU15 (KB4536987) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability For Exchange Server 2019 CU4 (KB4536987) | Windows |
| Microsoft Exchange Memory Corruption Vulnerability for Microsoft Exchange Server 2010 (KB4536989) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-28434 | Security Update For Exchange Server 2013 CU23 (KB4536988) |
| PATCH-28435 | Security Update For Exchange Server 2019 CU3 (KB4536987) |
| PATCH-28436 | Security Update For Exchange Server 2016 CU14 (KB4536987) |
| PATCH-28437 | Security Update For Exchange Server 2016 CU15 (KB4536987) |
| PATCH-28438 | Security Update For Exchange Server 2019 CU4 (KB4536987) |
| PATCH-28439 | Security Rollup 30 for Microsoft Exchange Server 2010 (KB4536989) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234