From 41a88cf018f99187cf6cc1c2a25239ce43f97a26 Mon Sep 17 00:00:00 2001 From: righel Date: Tue, 5 Nov 2024 05:32:43 +0000 Subject: [PATCH] automatic update --- ms-exchange-versions-cves-dict.json | 120 +++++++++++----------------- 1 file changed, 48 insertions(+), 72 deletions(-) diff --git a/ms-exchange-versions-cves-dict.json b/ms-exchange-versions-cves-dict.json index a261302..5508c99 100644 --- a/ms-exchange-versions-cves-dict.json +++ b/ms-exchange-versions-cves-dict.json @@ -890,6 +890,14 @@ "last-modified": "2023-12-29T01:15:00", "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" }, + { + "cvss": 9.0, + "cvss-time": "2023-12-30T00:15:00", + "cwe": "NVD-CWE-noinfo", + "id": "CVE-2020-17117", + "last-modified": "2023-12-30T00:15:00", + "summary": "Microsoft Exchange Remote Code Execution Vulnerability" + }, { "cvss": 8.3, "cvss-time": "2023-12-21T01:15:00", @@ -1010,6 +1018,30 @@ "last-modified": "2023-12-29T17:16:00", "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" }, + { + "cvss": 6.5, + "cvss-time": "2023-12-30T00:15:00", + "cwe": "NVD-CWE-noinfo", + "id": "CVE-2020-17132", + "last-modified": "2023-12-30T00:15:00", + "summary": "Microsoft Exchange Remote Code Execution Vulnerability" + }, + { + "cvss": 6.5, + "cvss-time": "2023-12-30T00:15:00", + "cwe": "NVD-CWE-noinfo", + "id": "CVE-2020-17142", + "last-modified": "2023-12-30T00:15:00", + "summary": "Microsoft Exchange Remote Code Execution Vulnerability" + }, + { + "cvss": 6.5, + "cvss-time": "2023-12-30T00:15:00", + "cwe": "NVD-CWE-noinfo", + "id": "CVE-2020-17143", + "last-modified": "2023-12-30T00:15:00", + "summary": "Microsoft Exchange Server Information Disclosure Vulnerability" + }, { "cvss": 6.5, "cvss-time": "2024-07-26T19:25:00", @@ -3750,14 +3782,6 @@ "last-modified": "2023-12-21T01:15:00", "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" }, - { - "cvss": 7.5, - "cvss-time": "2019-11-14T19:34:00", - "cwe": "CWE-502", - "id": "CVE-2019-1373", - "last-modified": "2019-11-14T19:34:00", - "summary": "A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'." - }, { "cvss": 7.5, "cvss-time": "2024-02-15T20:18:00", @@ -4311,6 +4335,14 @@ "last-modified": "2024-07-26T19:26:00", "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" }, + { + "cvss": 9.0, + "cvss-time": "2024-02-13T17:23:00", + "cwe": "CWE-287", + "id": "CVE-2020-0688", + "last-modified": "2024-02-13T17:23:00", + "summary": "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'." + }, { "cvss": 9.0, "cvss-time": "2023-12-29T01:15:00", @@ -4399,6 +4431,14 @@ "last-modified": "2023-12-21T00:15:00", "summary": "Microsoft Exchange Server Elevation of Privilege Vulnerability" }, + { + "cvss": 6.8, + "cvss-time": "2021-07-21T11:39:00", + "cwe": "NVD-CWE-noinfo", + "id": "CVE-2020-0692", + "last-modified": "2021-07-21T11:39:00", + "summary": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'." + }, { "cvss": 6.8, "cvss-time": "2024-07-25T17:53:00", @@ -14464,38 +14504,6 @@ "15.2.1118.37": { "cpe": "cpe:/a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*", "cves": [ - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36744", - "last-modified": "2023-09-15T16:30:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36756", - "last-modified": "2023-09-15T14:15:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36745", - "last-modified": "2023-09-15T16:28:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36757", - "last-modified": "2023-09-14T22:37:00", - "summary": "Microsoft Exchange Server Spoofing Vulnerability" - }, { "cvss": 8.0, "cvss-time": null, @@ -15543,38 +15551,6 @@ "15.2.1258.25": { "cpe": "cpe:/a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*", "cves": [ - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36744", - "last-modified": "2023-09-15T16:30:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36756", - "last-modified": "2023-09-15T14:15:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36745", - "last-modified": "2023-09-15T16:28:00", - "summary": "Microsoft Exchange Server Remote Code Execution Vulnerability" - }, - { - "cvss": 8.0, - "cvss-time": null, - "cwe": "NVD-CWE-noinfo", - "id": "CVE-2023-36757", - "last-modified": "2023-09-14T22:37:00", - "summary": "Microsoft Exchange Server Spoofing Vulnerability" - }, { "cvss": 8.0, "cvss-time": null,