CVE-2019-1373

Summary

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2019Cumulative Update 2affected
MicrosoftMicrosoft Exchange Server 2016Cumulative Update 13affected
MicrosoftMicrosoft Exchange Server 2013Cumulative Update 23affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 3unspecifiedaffected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 14unspecifiedaffected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References