CVE-2022-41040

Description from NVD

Microsoft Exchange Server Elevation of Privilege Vulnerability.

Information Acquisition Date:2022-11-18T14:53Z
CVSS 2.0: 0.0 None CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NVD References

 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040
     source:MISC
     tags:Mitigation    Patch    Vendor Advisory    
 VU#915563
     source:CERT-VN
     tags:Third Party Advisory    US Government Resource    

This vulnerability may involve a PoC.

Description from Forti

Information Acquisition Date:2020/01/22

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Apache(1 tweets) Exchange(75 tweets) Windows(4 tweets) Wordpress(4 tweets) iOS(1 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://medium.com51
https://cvetrends.com49
https://nake19
https://nakedsecurity.sophos.com/202218
http://twinybots.ch15
https://thehackernews.com/2022/09/microsoft-confirms-2-new-...10
https://www.helpnetsecurity.com/2022/09/30/cve-2022-41040-c...8
https://www.cisa.gov/known-exploited-vulnerabilities-catalog7
https://www.snort.org/downloads7
https://tweetedtimes.com/susession?s=tnp6
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2...6
https://www.securityweek.com/microsoft-links-exploitation-e...5
https://securityboulevard.com/2022/10/safebreach-coverage-f...5
https://www.bleepingcomputer.com/news/microsoft/microsoft-c...5
https://community.emergingthreats.net/t/regarding-coverage-...5
https://github.com/revers0id/CVE-2022-41082-PoC4
https://gteltsc.vn/blog/warning-new-attack-campaign-utilize...4
http://cyberiqs.com/latestnews4
https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41...4
https://www.microsoft.com/security/blog/2022/09/30/analyzin...4
https://URL/autodiscover/autodiscover.json3
https://buff.ly/3LSgcQw3
https://xtra.li/3rsmwF13
https://twitter.com/SeguInfo/status/15758290000809205773
http://mi6rogue.com/blog3
https://hackerone.com/reports/17197193
https://doublepulsar.com/proxynotshell-the-story-of-the-cla...3
http://mail.acronis.com3
https://www.borncity.com/blog/2022/10/11/exchange-server-ne...3
https://m365internals.com/2022/10/05/mitigating-cve-2022-41...3
https://www.wordfence.com/blog/2022/10/two-weeks-of-monitor...3
https://securityaffairs.co/wordpress/138768/hacking/proxyno...3
https://securitytrails.com/blog/zero-day-microsoft-exchange...3
https://www.safebreach.com/resources/blog/safebreach-covera...3
https://securityonline.info/cve-2022-41040-cve-2022-41082-e...3
https://blog.segu-info.com.ar/2022/10/vulnerabilidad-critic...3
https://msrc-blog.microsoft.com/2022/09/29/customer-guidanc...3
https://ipssignatures.appspot.com/?cve=CVE-2022-410403
https://www.zerodayinitiative.com/blog/2022/11/14/control-y...3
https://unit42.paloaltonetworks.com/proxynotshell-cve-2022-...3

▼ Show Information from Twitter(147)


List of frequently cited URLs

URLNum of Times Referred to
medium.com51
cvetrends.com49
nake19
nakedsecurity.sophos.com18
twinybots.ch15
thehackernews.com10
www.helpnetsecurity.com8
www.cisa.gov7
www.snort.org7
tweetedtimes.com6
msrc.microsoft.com6
www.securityweek.com5
securityboulevard.com5
www.bleepingcomputer.com5
community.emergingthreats.net5
github.com4
gteltsc.vn4
cyberiqs.com4
www.tenable.com4
www.microsoft.com4
URL3
buff.ly3
xtra.li3
twitter.com3
mi6rogue.com3
hackerone.com3
doublepulsar.com3
mail.acronis.com3
www.borncity.com3
m365internals.com3
www.wordfence.com3
securityaffairs.co3
securitytrails.com3
www.safebreach.com3
securityonline.info3
blog.segu-info.com.ar3
msrc-blog.microsoft.com3
ipssignatures.appspot.com3
www.zerodayinitiative.com3
unit42.paloaltonetworks.com3

▼ Show Information from Twitter(147)


GitHub Search Results: Up to 10
NameURL
kljunowsky/CVE-2022-41040-POC https://github.com/kljunowsky/CVE-2022-41040-POC
TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell
numanturle/CVE-2022-41040 https://github.com/numanturle/CVE-2022-41040
d3duct1v/CVE-2022-41040 https://github.com/d3duct1v/CVE-2022-41040
rjsudlow/proxynotshell-IOC-Checker https://github.com/rjsudlow/proxynotshell-IOC-Checker
r3dcl1ff/CVE-2022-41040 https://github.com/r3dcl1ff/CVE-2022-41040
CentarisCyber/CVE-2022-41040_Mitigation https://github.com/CentarisCyber/CVE-2022-41040_Mitigation
ITPATJIDR/CVE-2022-41040 https://github.com/ITPATJIDR/CVE-2022-41040
trhacknon/CVE-2022-41040-metasploit-ProxyNotShell https://github.com/trhacknon/CVE-2022-41040-metasploit-ProxyNotShell

GitHub Search Results: Up to 10
NameURL
kljunowsky/CVE-2022-41040-POC github.com
TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell github.com
numanturle/CVE-2022-41040 github.com
d3duct1v/CVE-2022-41040 github.com
rjsudlow/proxynotshell-IOC-Checker github.com
r3dcl1ff/CVE-2022-41040 github.com
CentarisCyber/CVE-2022-41040_Mitigation github.com
ITPATJIDR/CVE-2022-41040 github.com
trhacknon/CVE-2022-41040-metasploit-ProxyNotShell github.com

2022/12/02 Score : 2
Added Har-sia Database : 2022/09/30
Last Modified : 2022/12/02
Highest Scored Date : 2022/09/30
Highest Score : 145