Exchange Server RCE Vulnerability
CVE-2024-26198 Published on March 12, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Weakness Type
What is an Untrusted Path Vulnerability?
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
CVE-2024-26198 has been classified to as an Untrusted Path vulnerability or weakness.
Products Associated with CVE-2024-26198
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-26198 are published in Microsoft Exchange Server:
Affected Versions
Microsoft Exchange Server 2019 Cumulative Update 14:- Version 15.02.0 and below 15.02.1258.034 is affected.
- Version 15.02.0 and below 15.02.1544.011 is affected.
- Version 15.01.0 and below 15.01.2507.039 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.