What is CVE-2023-38181?

CVE-2023-38181 is a Microsoft Exchange Server Spoofing Vulnerability that allows an attacker to impersonate another user and perform malicious activities.

What is the severity of CVE-2023-38181?

CVE-2023-38181 has a severity rating of High, with a severity value of 8.8.

Which versions of Microsoft Exchange Server are affected by CVE-2023-38181?

CVE-2023-38181 affects Microsoft Exchange Server 2016 cumulative update 23, Exchange Server 2019 cumulative update 12, and Exchange Server 2019 cumulative update 13.

How can I fix CVE-2023-38181?

To fix CVE-2023-38181, you can apply the patches provided by Microsoft for Exchange Server 2016 cumulative update 23, Exchange Server 2019 cumulative update 12, and Exchange Server 2019 cumulative update 13.

Where can I find more information about CVE-2023-38181?

You can find more information about CVE-2023-38181 on Microsoft's Security Response Center website at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181.

Vulnerability/
CVE-2023-38181

high

8.8

CWE

502

8/8/2023

29/5/2024

CVE-2023-38181: Microsoft Exchange Server Spoofing Vulnerability

First published: Tue Aug 08 2023(Updated: )

Microsoft Exchange Server Spoofing Vulnerability

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Exchange Server 2016	=23	fix available externally
Microsoft Exchange Server 2019	=12	fix available externally
Microsoft Exchange Server 2019	=13	fix available externally
Microsoft Exchange Server	=2016-cumulative_update_23
Microsoft Exchange Server	=2019-cumulative_update_12
Microsoft Exchange Server	=2019-cumulative_update_13
Microsoft Exchange Server 2019	=12	fix available externally
Microsoft Exchange Server 2016	=23	fix available externally
Microsoft Exchange Server 2019	=13	fix available externally

Remedy

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181 (Advisory)

Frequently Asked Questions

What is CVE-2023-38181?
CVE-2023-38181 is a Microsoft Exchange Server Spoofing Vulnerability that allows an attacker to impersonate another user and perform malicious activities.
What is the severity of CVE-2023-38181?
CVE-2023-38181 has a severity rating of High, with a severity value of 8.8.
Which versions of Microsoft Exchange Server are affected by CVE-2023-38181?
CVE-2023-38181 affects Microsoft Exchange Server 2016 cumulative update 23, Exchange Server 2019 cumulative update 12, and Exchange Server 2019 cumulative update 13.
How can I fix CVE-2023-38181?
To fix CVE-2023-38181, you can apply the patches provided by Microsoft for Exchange Server 2016 cumulative update 23, Exchange Server 2019 cumulative update 12, and Exchange Server 2019 cumulative update 13.
Where can I find more information about CVE-2023-38181?
You can find more information about CVE-2023-38181 on Microsoft's Security Response Center website at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181.

collector/msrc
agent/author
agent/type
agent/first-publish-date
source/Microsoft
collector/msrc-cve
agent/softwarecombine
agent/software-canonical-lookup
agent/severity
agent/references
agent/remedy
agent/title
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
agent/event
collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/last-modified-date
agent/weakness
agent/tags
vendor/microsoft
canonical/microsoft exchange server 2016
version/microsoft exchange server 2016/23
canonical/microsoft exchange server 2019
version/microsoft exchange server 2019/12
version/microsoft exchange server 2019/13
canonical/microsoft exchange server
version/microsoft exchange server/2016-cumulative_update_23
version/microsoft exchange server/2019-cumulative_update_12
version/microsoft exchange server/2019-cumulative_update_13