Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd)

published on 2022-12-22 02:24:21 UTC by
Content:
According to a post by Rapid7, they have observed Exchange server 2013, 2016 & 2019 being actively exploited for "a chaining of CVE-2022-41080 and CVE-2022-41082 to bypass URL rewrite mitigations that Microsoft provided for ProxyNotShell allowing for remote code execution (RCE) via privilege escalation via Outlook Web Access (OWA)."[1]
Article: Exchange OWASSRF Exploited for Remote Code Execution, (Thu, Dec 22nd) - published almost 2 years ago.

https://isc.sans.edu/diary/rss/29374   
Published: 2022 12 22 02:24:21
Received: 2022 12 22 03:14:26
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 2

Custom HTML Block

Click to Open Code Editor