ioc[.]one - OSINT Cyber Threat Intelligence Database

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

Tags

country:	U.S. Virgin Islands
attack-pattern:	Data Exploits - T1587.004 Exploits - T1588.005 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	c960908b-d1a8-4ee3-a6b5-5556430a5b9f
Fingerprint	b55ba8d3f807fec3
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 15, 2022, midnight
Added to db	Dec. 15, 2022, 1:10 p.m.
Last updated	Nov. 17, 2024, 5:56 p.m.
Headline	Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it
Title	Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it
Detected Hints/Tags/Attributes	45/2/17

Source URLs

	Redirection	Url
Details	Source	https://www.csoonline.com/article/3682762/microsoft-exchange-proxynotshell-vulnerability-explained-and-how-to-mitigate-it.html#tk.rss_networksecurity

URL Provider

Details	Provider	Source level domain
Details	csoonline.com	www.csoonline.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	163	✔	—	https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	105		cve-2022-41040
Details	CVE	127		cve-2022-41082
Details	CVE	168		cve-2021-34473
Details	CVE	142		cve-2021-34523
Details	CVE	143		cve-2021-31207
Details	Domain	134		shodan.io
Details	Domain	831		example.com
Details	Domain	7		yourcompany.com
Details	Email	3		autodiscover/autodiscover.json?@evil.com
Details	Email	3		email=autodiscover/autodiscover.json?@evil.com
Details	Email	1		example.com/owa/you@yourcompany.com
Details	Email	1		example.com/autodiscover/autodiscover.json?@yourcompany.com
Details	Email	1		/?&email=autodiscover/autodiscover.json?@yourcompany.com
Details	File	16		autodiscover.json
Details	File	82		default.aspx
Details	Url	1		https://example.com/owa/you@yourcompany.com/default.aspx
Details	Url	1		https://example.com/autodiscover/autodiscover.json?@yourcompany.com/?&email=autodiscover/autodiscover.json?@yourcompany.com