Skip to content

Commit

Permalink
automatic update
Browse files Browse the repository at this point in the history
  • Loading branch information
@righel @github-actions
righel authored and github-actions[bot] committed Oct 27, 2024
1 parent 5f7ed64 commit cb54b0e
Showing 1 changed file with 146 additions and 1 deletion.
147 changes: 146 additions & 1 deletion ms-exchange-versions-cves-dict.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7144,6 +7144,14 @@
"15.1.2044.12": {
"cpe": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*",
"cves": [
{
"cvss": 9.0,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17117",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 7.5,
"cvss-time": "2024-02-15T20:18:00",
Expand Down Expand Up @@ -7175,6 +7183,38 @@
"id": "CVE-2021-27065",
"last-modified": "2024-07-25T17:34:00",
"summary": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17132",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17142",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17143",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Server Information Disclosure Vulnerability"
},
{
"cvss": 6.0,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17141",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
}
]
},
Expand Down Expand Up @@ -7891,6 +7931,14 @@
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 9.0,
"cvss-time": "2023-12-31T19:15:00",
"cwe": "CWE-120",
"id": "CVE-2020-17084",
"last-modified": "2023-12-31T19:15:00",
"summary": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"cvss": 7.5,
"cvss-time": "2024-02-15T20:18:00",
Expand Down Expand Up @@ -7994,12 +8042,36 @@
"id": "CVE-2021-1730",
"last-modified": "2023-12-29T17:15:00",
"summary": "<p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.</p>\n<p>This update addresses this vulnerability.</p>\n<p>To prevent these types of attacks, Microsoft recommends customers to download inline images from different DNSdomains than the rest of OWA. Please see further instructions in the FAQ to put in place this mitigations.</p>\n"
},
{
"cvss": 4.0,
"cvss-time": "2023-12-31T19:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17085",
"last-modified": "2023-12-31T19:15:00",
"summary": "Microsoft Exchange Server Denial of Service Vulnerability"
},
{
"cvss": 3.5,
"cvss-time": "2023-12-31T19:15:00",
"cwe": "CWE-79",
"id": "CVE-2020-17083",
"last-modified": "2023-12-31T19:15:00",
"summary": "Microsoft Exchange Server Remote Code Execution Vulnerability"
}
]
},
"15.1.2106.6": {
"cpe": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*",
"cves": [
{
"cvss": 9.0,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17117",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 7.5,
"cvss-time": "2024-02-15T20:18:00",
Expand Down Expand Up @@ -8056,6 +8128,30 @@
"last-modified": "2023-12-29T17:16:00",
"summary": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17132",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17142",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 6.5,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17143",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Server Information Disclosure Vulnerability"
},
{
"cvss": 6.0,
"cvss-time": "2023-12-29T17:15:00",
Expand All @@ -8064,6 +8160,14 @@
"last-modified": "2023-12-29T17:15:00",
"summary": "Microsoft Exchange Server Spoofing Vulnerability"
},
{
"cvss": 6.0,
"cvss-time": "2023-12-30T00:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2020-17141",
"last-modified": "2023-12-30T00:15:00",
"summary": "Microsoft Exchange Remote Code Execution Vulnerability"
},
{
"cvss": 5.8,
"cvss-time": "2023-12-29T17:15:00",
Expand Down Expand Up @@ -8133,6 +8237,14 @@
"last-modified": "2023-12-29T17:16:00",
"summary": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"cvss": 6.0,
"cvss-time": "2023-12-29T17:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2021-24085",
"last-modified": "2023-12-29T17:15:00",
"summary": "Microsoft Exchange Server Spoofing Vulnerability"
},
{
"cvss": 5.8,
"cvss-time": "2023-12-29T17:15:00",
Expand Down Expand Up @@ -8472,6 +8584,14 @@
"last-modified": "2024-07-26T19:25:00",
"summary": "Microsoft Exchange Server Security Feature Bypass Vulnerability"
},
{
"cvss": 6.0,
"cvss-time": "2023-12-29T17:15:00",
"cwe": "NVD-CWE-noinfo",
"id": "CVE-2021-24085",
"last-modified": "2023-12-29T17:15:00",
"summary": "Microsoft Exchange Server Spoofing Vulnerability"
},
{
"cvss": 5.8,
"cvss-time": "2023-08-02T00:15:00",
Expand Down Expand Up @@ -12472,7 +12592,32 @@
},
"15.1.845.36": {
"cpe": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_5:*:*:*:*:*:*",
"cves": []
"cves": [
{
"cvss": 5.8,
"cvss-time": "2017-07-17T18:48:00",
"cwe": "CWE-601",
"id": "CVE-2017-8621",
"last-modified": "2017-07-17T18:48:00",
"summary": "Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an open redirect vulnerability that could lead to spoofing, aka \"Microsoft Exchange Open Redirect Vulnerability\"."
},
{
"cvss": 4.3,
"cvss-time": "2017-07-14T13:21:00",
"cwe": "CWE-79",
"id": "CVE-2017-8560",
"last-modified": "2017-07-14T13:21:00",
"summary": "Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka \"Microsoft Exchange Cross-Site Scripting Vulnerability\". This CVE ID is unique from CVE-2017-8559."
},
{
"cvss": 4.3,
"cvss-time": "2017-07-14T13:25:00",
"cwe": "CWE-79",
"id": "CVE-2017-8559",
"last-modified": "2017-07-14T13:25:00",
"summary": "Microsoft Exchange Server 2010 SP3, Exchange Server 2013 SP3, Exchange Server 2013 CU16, and Exchange Server 2016 CU5 allows an elevation of privilege vulnerability due to the way that Exchange Outlook Web Access (OWA) handles web requests, aka \"Microsoft Exchange Cross-Site Scripting Vulnerability\". This CVE ID is unique from CVE-2017-8560."
}
]
},
"15.2.1118.12": {
"cpe": "cpe:/a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*",
Expand Down

0 comments on commit cb54b0e

Please sign in to comment.