#VU77238 Input validation error in Microsoft Exchange Server - CVE-2023-28310

Cybersecurity Help s.r.o.

Published: 2023-06-13

Vulnerability identifier: #VU77238

Vulnerability risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-28310

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft

Description

The vulnerability allows a remote user to execute arbitrary code on the system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote authenticated user can pass specially crafted input to the server and execute arbitrary code via a PowerShell remoting session.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Microsoft Exchange Server: 2016 Cumulative Update 1 15.01.0396.030 - 2016 CU23 Mar23SU 15.01.2507.023, 2019 Cumulative Update 1 15.02.0330.005 - 2019 RTM 15.02.0221.012

External links
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2023-28310

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Microsoft Exchange Server