CVE-2022-21846

Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21855, CVE-2022-21969.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*

History

14 Jan 2022, 17:33

Type Values Removed Values Added
First Time Microsoft exchange Server
Microsoft
References (MISC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21846 - (MISC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21846 - Patch, Vendor Advisory
CPE cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : 8.3
v3 : 9.0

11 Jan 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-01-11 21:15

Updated : 2022-01-14 17:33


NVD link : CVE-2022-21846

Mitre link : CVE-2022-21846


JSON object : View

Products Affected

microsoft

  • exchange_server
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')