All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2022-41040
NONEKEVpublish date unavailable
CVSS / 10
// description
Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2022-09-30 00:00 UTC