Microsoft Exchange Server EoP Vulnerability
CVE-2023-21709 Published on August 8, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Weakness Type
Improper Restriction of Excessive Authentication Attempts
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.
Products Associated with CVE-2023-21709
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-21709 are published in Microsoft Exchange Server:
Affected Versions
Microsoft Exchange Server 2019 Cumulative Update 12:- Version 15.02.0 and below 15.02.1118.037 is affected.
- Version 15.01.0 and below 15.01.2507.032 is affected.
- Version 15.02.0 and below 15.02.1258.025 is affected.
Exploit Probability
EPSS
3.58%
Percentile
87.44%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.