CVE-2020-17083: Microsoft Exchange Server Remote Code Execution Vulnerability
Overview
- Severity
- Medium (CVSS 5.5)
- CVSS Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C
- Category
- Remote Code Execution
- Exploit Status
- Not Exploited
- Exploitation Likelihood
- Less Likely
- Patch Tuesday
- 2020-Nov
- Released
- 2020-11-10
- EPSS Score
- 44.02% (percentile: 97.5%)
Affected Products (5)
Server Software
- Microsoft Exchange Server 2019 Cumulative Update 6
- Microsoft Exchange Server 2016 Cumulative Update 17
- Microsoft Exchange Server 2019 Cumulative Update 7
- Microsoft Exchange Server 2016 Cumulative Update 18
- Microsoft Exchange Server 2013 Cumulative Update 23
Security Updates (5)
Acknowledgments
Steven Seeley (mr_me) of <a href="https://srcincite.io/">Source Incite</a>
Revision History
- 2020-11-10: Information published.