CVE-2023-23397

Description from NVD

Microsoft Outlook Elevation of Privilege Vulnerability

Information Acquisition Date:2023-04-06T14:57Z
CVSS 2.0: 0.0 None CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD References

 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
     source:MISC
     tags:Patch    Vendor Advisory    

This vulnerability may involve a PoC.

Description from Forti

Microsoft March Patch Tuesday Release Contains Two New Zero Days and 80 Security Updates

Information Acquisition Date:2023/04/06

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Android(6 tweets) Apple(1 tweets) Cisco(5 tweets) Exchange(47 tweets) VPN(2 tweets) Windows(127 tweets) Wordpress(1 tweets) iOS(25 tweets)



List of frequently cited URLs

URLNum of Times Referred to
http://cyberiqs.com/latestnews73
https://msrc.microsoft.com/update-guide/releaseNote/2023-Mar52
https://cvetrends.com50
https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-m...50
https://www.microsoft.com/en-us/security/blog/2023/03/24/gu...50
https://tryhackme.com/room/outlookntlmleak24
https://medium.com23
https://lists.astaro.com/ASGV9-IPS-rules.html#021
https://blog.scrt.ch/2023/03/14/producing-a-poc-for-cve-202...17
https://securityaffairs.com/144040/apt/detecting-cve-2023-2...16
https://research.trendmicro.com/cve20232339712
https://www.cisa.gov/known-exploited-vulnerabilities-catalog11
https://github.com/microsoft/CSS-Exchange/blob/a4c096e8b6e6...10
https://go.dhs.gov/Z3Q10
https://practical365.com/cve-2023-23397-ntlm-vulnerability10
https://www.trendmicro.com/en_us/research/23/c/patch-cve-20...10
https://thehackernews.com/2023/03/microsoft-warns-of-stealt...9
https://www.helpnetsecurity.com/2023/03/14/cve-2023-23397-c...9
https://www.darkrelay.com/post/cve-2023-23397-critical-micr...8
https://www.bleepingcomputer.com/news/microsoft/microsoft-f...8
https://www.trustedsec.com/blog/critical-outlook-vulnerabil...7
https://thestack.technology/critical-microsoft-outlook-vuln...7
https://www.anoopcnair.com/zero-day-vulnerability-for-outlo...6
https://unit42.paloaltonetworks.com/threat-brief-cve-2023-2...6
https://www.huntress.com/blog/everything-we-know-about-cve-...5
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-0025
https://www.deepinstinct.com/blog/cve-2023-23397-exploitati...5
https://buff.ly/3z2P3Vm4
https://twitter.com/CISACyber/status/16357146083788554254
https://ti.qianxin.com/blog/articles/Analysis-of-In-the-wil...4
https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-...4
https://scan.netsecurity.ne.jp/article/2023/03/27/49103.html4
https://blog.talosintelligence.com/outlook-privilege-escala...4
https://bit.ly/42hv9U23
https://cert.pl/posts/2023/03/outlook-cve-2023-233973
https://news.mynavi.jp/techplus/article/20230329-26383473
https://www.tenable.com/blog/microsofts-march-2023-patch-tu...3
https://www.trellix.com/en-us/about/newsroom/stories/resear...3
https://blog.ehcgroup.io/2023/03/17/18/05/31/14889/microsof...3
https://www.securityweek.com/microsoft-pins-outlook-zero-da...3
https://blog.segu-info.com.ar/2023/03/microsoft-parchea-zer...3
https://securityboulevard.com/2023/03/detecting-cve-2023-23...3
https://packetstormsecurity.com/files/1713763

▼ Show Information from Twitter(1538)


List of frequently cited URLs

URLNum of Times Referred to
cyberiqs.com73
msrc.microsoft.com52
cvetrends.com50
www.mdsec.co.uk50
www.microsoft.com50
tryhackme.com24
medium.com23
lists.astaro.com21
blog.scrt.ch17
securityaffairs.com16
research.trendmicro.com12
www.cisa.gov11
github.com10
go.dhs.gov10
practical365.com10
www.trendmicro.com10
thehackernews.com9
www.helpnetsecurity.com9
www.darkrelay.com8
www.bleepingcomputer.com8
www.trustedsec.com7
thestack.technology7
www.anoopcnair.com6
unit42.paloaltonetworks.com6
www.huntress.com5
www.cert.ssi.gouv.fr5
www.deepinstinct.com5
buff.ly4
twitter.com4
ti.qianxin.com4
microsoft.github.io4
scan.netsecurity.ne.jp4
blog.talosintelligence.com4
bit.ly3
cert.pl3
news.mynavi.jp3
www.tenable.com3
www.trellix.com3
blog.ehcgroup.io3
www.securityweek.com3
blog.segu-info.com.ar3
securityboulevard.com3
packetstormsecurity.com3

▼ Show Information from Twitter(1538)


GitHub Search Results: Up to 10
NameURL
api0cradle/CVE-2023-23397-POC-Powershell https://github.com/api0cradle/CVE-2023-23397-POC-Powershell
sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY
Trackflaw/CVE-2023-23397 https://github.com/Trackflaw/CVE-2023-23397
ka7ana/CVE-2023-23397 https://github.com/ka7ana/CVE-2023-23397
BillSkiCO/CVE-2023-23397_EXPLOIT https://github.com/BillSkiCO/CVE-2023-23397_EXPLOIT
grn-bogo/CVE-2023-23397 https://github.com/grn-bogo/CVE-2023-23397
ahmedkhlief/CVE-2023-23397-POC https://github.com/ahmedkhlief/CVE-2023-23397-POC
tiepologian/CVE-2023-23397 https://github.com/tiepologian/CVE-2023-23397
BronzeBee/cve-2023-23397 https://github.com/BronzeBee/cve-2023-23397
alicangnll/CVE-2023-23397 https://github.com/alicangnll/CVE-2023-23397

GitHub Search Results: Up to 10
NameURL
api0cradle/CVE-2023-23397-POC-Powershell github.com
sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY github.com
Trackflaw/CVE-2023-23397 github.com
ka7ana/CVE-2023-23397 github.com
BillSkiCO/CVE-2023-23397_EXPLOIT github.com
grn-bogo/CVE-2023-23397 github.com
ahmedkhlief/CVE-2023-23397-POC github.com
tiepologian/CVE-2023-23397 github.com
BronzeBee/cve-2023-23397 github.com
alicangnll/CVE-2023-23397 github.com

2023/04/17 Score : 0
Added Har-sia Database : 2023/03/15
Last Modified : 2023/04/17
Highest Scored Date : 2023/03/16
Highest Score : 313