First published: Tue Feb 14 2023(Updated: )
Microsoft Exchange Server Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Exchange Server | =2013-cumulative_update_23 | |
Microsoft Exchange Server | =2016-cumulative_update_23 | |
Microsoft Exchange Server | =2019-cumulative_update_11 | |
Microsoft Exchange Server | =2019-cumulative_update_12 | |
Microsoft Exchange Server 2019 | =11 | |
Microsoft Exchange Server 2019 | =12 | |
Microsoft Exchange Server 2013 | =23 | |
Microsoft Exchange Server 2016 | =23 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-21706 is a remote code execution vulnerability in Microsoft Exchange Server.
CVE-2023-21706 has a severity value of 8.8 (high).
CVE-2023-21706 affects Microsoft Exchange Server 2013 cumulative update 23, Microsoft Exchange Server 2016 cumulative update 23, and Microsoft Exchange Server 2019 cumulative update 11 and 12.
To fix CVE-2023-21706, apply the corresponding cumulative updates and patches provided by Microsoft for your version of Microsoft Exchange Server. For more information, refer to the Microsoft support page and download the necessary patches.
You can find more information about CVE-2023-21706 on the Microsoft Security Response Center (MSRC) website.