Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

First slide label

Some representative placeholder content for the first slide.

Second slide label

Some representative placeholder content for the second slide.

Third slide label

Some representative placeholder content for the third slide.

Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd)

published on 2022-12-22 02:24:21 UTC by
Content:

According to a post by Rapid7, they have observed Exchange server 2013, 2016 & 2019 being actively exploited for "a chaining of CVE-2022-41080 and CVE-2022-41082 to bypass URL rewrite mitigations that Microsoft provided for ProxyNotShell allowing for remote code execution (RCE) via privilege escalation via Outlook Web Access (OWA)."[1]

Article: Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd) - published almost 2 years ago.

https://isc.sans.edu/diary/rss/29374
Published: 2022 12 22 02:24:21
Received: 2022 12 22 03:14:26
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 2