CVE-2022-41040

Microsoft Exchange Server Elevation of Privilege Vulnerability

Weakness

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Affected Software

Name	Vendor	Start Version	End Version
Exchange_server	Microsoft	2013-cumulative_update_23 (including)	2013-cumulative_update_23 (including)
Exchange_server	Microsoft	2016-cumulative_update_22 (including)	2016-cumulative_update_22 (including)
Exchange_server	Microsoft	2016-cumulative_update_23 (including)	2016-cumulative_update_23 (including)
Exchange_server	Microsoft	2019-cumulative_update_11 (including)	2019-cumulative_update_11 (including)
Exchange_server	Microsoft	2019-cumulative_update_12 (including)	2019-cumulative_update_12 (including)

https://cwe.mitre.org/data/definitions/664.html

References

http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040
https://www.kb.cert.org/vuls/id/915563
https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-41040
CWE	https://cwe.mitre.org/data/definitions/918.html

Server-Side Request Forgery (SSRF)

Weakness

Affected Software

Related Attack Patterns

References