Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)

high Nessus Plugin ID 165705

Language:

Version 1.14 May 5, 2025, 9:35 AM Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202505050935
Version 1.13 Apr 4, 2025, 9:01 PM CVSS metrics ("CVSSv3 score" set to 8.0) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") CVSSv3 score source (set to "CVE-2022-41082") Plugin Feed: 202504042101
Version 1.12 Jun 6, 2024, 8:00 PM Plugin metadata Plugin Feed: 202406062000
Version 1.11 Dec 26, 2023, 2:33 PM CVSSv2 score source (changed from "CVE-2022-41082" to "CVE-2022-41040") Plugin Feed: 202312261433
Version 1.10 Jan 12, 2023, 11:00 PM IAVM reference Plugin Feed: 202301122300
Version 1.9 Jan 12, 2023, 6:19 PM Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202301121819
Version 1.8 Dec 5, 2022, 10:02 PM Reference Plugin Feed: 202212052202
Version 1.7 Dec 2, 2022, 4:16 PM CVSS metrics ("CVSSv2 score" changed from "8.5" to "9.0") CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C") Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202212021616
Version 1.6 Nov 30, 2022, 4:19 PM Plugin metadata (updated solution for CU:11) Plugin Feed: 202211301619
Version 1.5 Nov 11, 2022, 3:54 PM IAVM reference STIG Severity Plugin Feed: 202211111554
Version 1.3 Oct 6, 2022, 5:51 PM CISA reference Plugin Feed: 202210061751
Version 1.2 Oct 6, 2022, 3:53 PM CVSS temporal metrics Exploit attributes Plugin Feed: 202210061553

* Changelogs are generally available for changes made after Nov 1, 2022