CVE-2022-21846 Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21846 Microsoft Exchange Server Remote Code Execution Vulnerability

This issue was discovered by Cisco Talos and was disclosed to Cisco privately on February 3rd, 2019. Cisco has assigned ID CVE-2022 to this vulnerability, and announced it in a Cisco Security Advisory. Cisco has assigned ID CVE-2022 to this vulnerability, and announced it in a Cisco Security Advisory. Cisco has also assigned ID CVE-2022 to a second, related vulnerability in the same component, which was also disclosed to Cisco privately on February 3rd, 2019. This second vulnerability is also assigned ID CVE-2022, and Cisco has announced it in a Cisco Security Advisory. Cisco has also assigned ID CVE-2022 to a second, related vulnerability in the same component, which was also disclosed to Cisco privately on February 3rd, 2019. This second vulnerability is also assigned ID CVE-2022, and Cisco has announced it in a Cisco Security Advisory. Cisco has also assigned ID CVE-2022 to a third, unrelated vulnerability in the same component, which was also disclosed to Cisco privately on February 3rd, 2019. This third vulnerability is also assigned ID CVE-2022, and Cisco has announced it in a Cisco Security Advisory. Cisco has also assigned ID CVE-2022 to a third, unrelated vulnerability in the same component, which was also disclosed to Cisco privately on February 3rd, 2019. This third vulnerability is also assigned ID CVE-2022, and Cisco has announced it in a Cisco Security Advisory. Cisco has also assigned ID CVE-2022

Description of Vulnerable Software

The affected software is Cisco Advanced Malware Defense (AMP) for Linux.

Recommendations:

What's the most important step to take in response to this vulnerability?
Please read the Cisco Security Advisory, which contains recommendations for mitigating this vulnerability.

Summary

Cisco Talos discovered an information-disclosure vulnerability in the Cisco Adaptive Security Appliance (ASA) software. The vulnerability is triggered when the ASA receives a specially crafted, malformed message and could result in sensitive information being disclosed to unauthorized users.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe