Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Exchange vulnerabilities #673

Merged
merged 27 commits into from
Apr 26, 2024
Merged

Exchange vulnerabilities #673

Changes from all commits
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
b0d0f1e
Microsoft Releases Security Updates for Multiple Products - 20240313001
thiagoai1 Mar 13, 2024
3588991
Format markdown files
actions-user Mar 13, 2024
c7bf91d
Merge branch 'main' into main
DGovEnterprise Mar 14, 2024
edc5530
Merge branch 'wagov:main' into main
thiagoai1 Mar 27, 2024
6cb516d
Apache Tomcat Denial of Service Vulnerabilities
thiagoai1 Mar 27, 2024
a1af551
Format markdown files
actions-user Mar 27, 2024
bb73e21
Update 20240327002-Apache-Tomcat-Denial-of-Service-Vulnerabilities.md
DGovEnterprise Mar 27, 2024
84fab36
Merge branch 'main' into main
DGovEnterprise Mar 27, 2024
2f17e2b
Merge branch 'wagov:main' into main
thiagoai1 Apr 3, 2024
159e94b
Qualcomm Critical Security Vulnerability - 20240403001
thiagoai1 Apr 3, 2024
39b7ace
Format markdown files
actions-user Apr 3, 2024
52f18a0
Merge branch 'wagov:main' into main
thiagoai1 Apr 10, 2024
01fd435
Microsoft Releases April Security Updates
thiagoai1 Apr 10, 2024
9676119
Format markdown files
actions-user Apr 10, 2024
96f64e7
April 2024 Security Updates
thiagoai1 Apr 10, 2024
d3bb5b3
Format markdown files
actions-user Apr 10, 2024
01d5d41
Delete docs/advisories/20240403001-Qualcomm-Critical-Security-Vulnera…
DGovEnterprise Apr 10, 2024
45acd89
Merge branch 'main' into main
DGovEnterprise Apr 10, 2024
6884a35
Merge branch 'wagov:main' into main
thiagoai1 Apr 17, 2024
8cd27b4
Mozilla vulns
thiagoai1 Apr 17, 2024
294a652
Format markdown docs
thiagoai1 Apr 17, 2024
59ac0ad
Merge branch 'main' into main
adonm Apr 17, 2024
fb319af
Merge branch 'main' into main
DGovEnterprise Apr 18, 2024
d8a85d8
MS Exchange
thiagoai1 Apr 24, 2024
c65c2a7
Format markdown docs
thiagoai1 Apr 24, 2024
fb1cbb5
Merge branch 'wagov:main' into main
thiagoai1 Apr 24, 2024
c2cefa6
Merge branch 'main' into main
DGovEnterprise Apr 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions ...es/20240424001-Microsoft-Exchange-Server-Remote-Code-Execution-Vulnerability.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# Microsoft Exchange Server Remote Code Execution Vulnerability - 20240424001

## Overview

Microsoft Exchange Server Remote Code Execution Vulnerability

## What is vulnerable?

| CVE | Severity | CVSS | Product(s) Affected | Dated |
| -------------------------------------------------------------------------------------- | ------------- | ---- | --------------------------------- | --------------------------- |
| [CVE-2024-26198](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26198) | **Important** | 7.7 | See vendor link in Recommendation | 12/03/24 (Updated 23/04/24) |

## What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

## Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):

- [Microsoft Exchange Server Remote Code Execution Vulnerability Recently updated](https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26190)

## Additional References

- [Tenable - CVE-2024-26198
](https://www.tenable.com/cve/CVE-2024-26198)