Technical Severity
HIGHCVSS v3.1 Metrics
7.2
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:CExploitation Likelihood
EPSS Prediction
46.38
%
Predictive Probability
Percentile Rank
98.7
th
Documented as more likely to be exploited than 98.7% of known CVEs.
Detection Date
Aug 21, 2024
Remediation Due
Sep 11, 2024
CISA Catalog Active
Threat Analysis
Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.
Remediation Directive
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.