{"id":22557,"date":"2023-01-01T08:54:00","date_gmt":"2023-01-01T08:54:00","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=22557"},"modified":"2026-04-17T18:07:42","modified_gmt":"2026-04-17T18:07:42","slug":"exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/","title":{"rendered":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server vulnerabilities. An authenticated remote attacker exploits an Exchange Server privilege escalation vulnerability (CVE-2022-41080) to gain permission to execute PowerShell in the context of the system on an endpoint Outlook Web Application (OWA). An attacker with PowerShell privileges can then execute arbitrary code on the target system through the Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082). The above exploit chain can bypass the mitigation measures officially provided by Microsoft for &#8220;ProxyNotShell&#8221;. Affected users are requested to take protective measures as soon as possible.<\/p>\n\n\n\n<p>Reference link:<\/p>\n\n\n\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41080\">https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41080<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41082\">https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-41082<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope of Impact<\/h2>\n\n\n\n<p><strong>Affected version<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Microsoft Exchange Server 2013 Cumulative Update 23<\/li><li>Microsoft Exchange Server 2016 Cumulative Update 22<\/li><li>Microsoft Exchange Server 2016 Cumulative Update 23<\/li><li>Microsoft Exchange Server 2019 Cumulative Update 11<\/li><li>Microsoft Exchange Server 2019 Cumulative Update 12<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Attack Investigation<\/h2>\n\n\n\n<p>1. Visit the link to download the script:<\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/CrowdStrike\/OWASSRF\/blob\/main\/Rps_Http-IOC.ps1\">https:\/\/github.com\/CrowdStrike\/OWASSRF\/blob\/main\/Rps_Http-IOC.ps1<\/a><\/p>\n\n\n\n<p>2. Run the script (note that if you download directly, there may be a problem with the &amp; symbol, which makes it impossible to run. It is recommended to directly copy the following code and write it into a new ps1 file)<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">powershell C:\\Users\\admin\\Desktop\\Rps_Http-IOC.ps1<\/p>\n\n\n\n<p>The default path where the log is located at is:<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">C:\\Program Files\\Microsoft\\Exchange Server\\V15\\Logging\\CmdletInfra\\Powershell-Proxy\\Http<\/p>\n\n\n\n<p>3. The running result is shown in the figure below:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103.jpg\"><img fetchpriority=\"high\" decoding=\"async\" width=\"800\" height=\"1024\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-22558\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024.jpg 800w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-234x300.jpg 234w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-768x983.jpg 768w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-600x768.jpg 600w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-200x256.jpg 200w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103.jpg 850w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/figure>\n\n\n\n<p>You can clearly see the mailbox being attacked, the source, the attack process, and the number of successes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Vulnerability Detection<\/h2>\n\n\n\n<p>NSFOCUS Remote Security Assessment System (RSAS), Web Application Vulnerability Scanning System (WVSS), Network Intrusion Detection System (IDS), and Integrated Threat Probe (UTS) have the ability to scan and detect this vulnerability, users who have deployed the above devices are requested to upgrade to the latest version.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><a><\/a><a><\/a><a><\/a><a><\/a> <strong>&nbsp;<\/strong><\/td><td><strong>Version No.<\/strong><\/td><td><strong>Link<\/strong><\/td><\/tr><tr><td><strong>RSAS V6 <\/strong><strong>System plug-in package<\/strong><\/td><td>V6.0R02F01.2906<\/td><td>http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulsys<\/td><\/tr><tr><td><strong>RSAS&nbsp;V6&nbsp;Web plug-in package<\/strong><\/td><td>V6.0R02F00.2804<\/td><td>http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulweb<\/td><\/tr><tr><td><strong>WVSS V6 <\/strong><strong>Plug-in upgrade package<\/strong><\/td><td>V6.0R03F00.265<\/td><td>http:\/\/update.nsfocus.com\/update\/listWvssDetail\/v\/6\/t\/plg<\/td><\/tr><tr><td><strong>IDS<\/strong><\/td><td>5.6.11.28923<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135638<\/td><\/tr><tr><td><strong>IDS<\/strong><\/td><td>5.6.10.28923<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135637<\/td><\/tr><tr><td><strong>UTS<\/strong><\/td><td>5.6.10.28923<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135667<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigation<\/h2>\n\n\n\n<p>At present, Microsoft has officially released a security patch to fix this vulnerability for supported product versions. It is recommended that affected users enable automatic system updates and install patches for protection. If the update patch is not successfully installed, you can directly download the offline installation package for update. <\/p>\n\n\n\n<p>In response to the vulnerabilities mentioned above, NSFOCUS has released rule upgrade packages for its Network Intrusion Prevention System (IPS), Web Application Firewall (WAF) and Next-Generation Firewall (NF). Relevant users are requested to upgrade the rule packages to the latest version to form security product protection ability. The version numbers of security protection product rules are as follows:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Product<\/strong><\/td><td><strong>Version No.<\/strong><\/td><td><strong>Link<\/strong><\/td><td><strong>Rule No.<\/strong><\/td><\/tr><tr><td><strong>IPS<\/strong><\/td><td>5.6.11.28923<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135638<\/td><td>[25803]<\/td><\/tr><tr><td><\/td><td>5.6.10.28923<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135637<\/td><td>[25802]<\/td><\/tr><tr><td><strong>WAF<\/strong><\/td><td>6.0.7.3.58018<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135588<\/td><td>27005147<\/td><\/tr><tr><td><\/td><td>6.0.7.0.58018<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135589<\/td><td><\/td><\/tr><tr><td><strong>NF<\/strong><\/td><td>6.0.1.890<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135633<\/td><td>25807<\/td><\/tr><tr><td><\/td><td>6.0.2.890<\/td><td>http:\/\/update.nsfocus.com\/update\/downloads\/id\/135634<\/td><td><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Temporary Mitigation<\/h2>\n\n\n\n<p>1. If the patch cannot be applied temporarily, it is recommended to disable OWA to alleviate this vulnerability<\/p>\n\n\n\n<p>2. Prohibit non-admin users from using remote PowerShell access<\/p>\n\n\n\n<p>Microsoft officially strongly recommends that Exchange Server users disable remote PowerShell access for non-admin users in their organization:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Use the Exchange Management Shell to disable remote PowerShell access for individual users<\/li><\/ul>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">Set-User &#8220;&lt;username&gt;&#8221; -RemotePowerShellEnabled $false<\/p>\n\n\n\n<p>Example: To disable remote PowerShell access for the username &#8220;Therese Lindqvist&#8221;:<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">Set-User &#8220;Therese Lindqvist&#8221; -RemotePowerShellEnabled $false<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Use the Exchange Management Shell to disable remote PowerShell access for multiple users<\/li><\/ul>\n\n\n\n<p>(1) Disable for multiple users based on existing attributes<\/p>\n\n\n\n<p>Step 1<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$&lt;VariableName&gt; = &lt;Get-Mailbox | Get-User&gt; -ResultSize unlimited -Filter &lt;Filter&gt;<\/p>\n\n\n\n<p>Step 2<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$&lt;VariableName&gt; | foreach {Set-User -RemotePowerShellEnabled $false}<\/p>\n\n\n\n<p>Example: To remove remote PowerShell access for all users whose Title attribute contains the value &#8220;Sales Associate&#8221;:<\/p>\n\n\n\n<p>Step 1<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$DSA = Get-User -ResultSize unlimited -Filter &#8220;(RecipientType -eq &#8216;UserMailbox&#8217;) -and (Title -like &#8216;*Sales Associate*&#8217;)&#8221;<\/p>\n\n\n\n<p>Step 2<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$DSA | foreach {Set-User -RemotePowerShellEnabled $false}<\/p>\n\n\n\n<p>(1). Disable according to the specific user list:<\/p>\n\n\n\n<p>Step 1<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$&lt;VariableName&gt; = Get-Content &lt;text file&gt;<\/p>\n\n\n\n<p>Step 2<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$&lt;VariableName&gt; | foreach {Set-User -RemotePowerShellEnabled $false<\/p>\n\n\n\n<p>Example: To remove access to remote PowerShell for all users located in C:\\My Documents\\NoPowerShell.txt:<\/p>\n\n\n\n<p>Step 1<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$NPS = Get-Content &#8220;C:\\My Documents\\NoPowerShell.txt&#8221;<\/p>\n\n\n\n<p>Step 2<\/p>\n\n\n\n<p class=\"has-cyan-bluish-gray-background-color has-background\">$NPS | foreach {Set-User -RemotePowerShellEnabled $false}<\/p>\n\n\n\n<p>For the above operations of disabling remote PowerShell access for users, please refer to the following link for details:<\/p>\n\n\n\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/powershell\/exchange\/control-remote-powershell-access-to-exchange-servers?view=exchange-ps&amp;viewFallbackFrom=exchange-ps%22%20%5Cl%20%22use-the-exchange-management-shell-to-enable-or-disable-remote-powershell-access-for-a-user\">https:\/\/learn.microsoft.com\/en-us\/powershell\/exchange\/control-remote-powershell-access-to-exchange-servers?view=exchange-ps&amp;viewFallbackFrom=exchange-ps%22%20%5Cl%20%22use-the-exchange-management-shell-to-enable-or-disable-remote-powershell-access-for-a-user<\/a><\/p>\n\n\n\n<p>3. Make sure the X-Forwarded-For HTTP request header records the real external IP address<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Statement<\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About NSFOCUS<\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company&acirc;&euro;&trade;s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world&acirc;&euro;&trade;s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).<\/p>\n\n\n\n<p>A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server vulnerabilities. An authenticated remote attacker exploits an Exchange Server privilege escalation vulnerability (CVE-2022-41080) to gain permission to execute PowerShell in the context of the system on an endpoint Outlook Web Application (OWA). An attacker [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35727,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[240],"class_list":["post-22557","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-cve-2022-41080-cve-2022-41082-2"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-01T08:54:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg\" \/>\n<meta name=\"author\" content=\"NSFOCUS\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"NSFOCUS\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/\"},\"author\":{\"name\":\"NSFOCUS\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\\\/CVE-2022-41082) Alert\",\"datePublished\":\"2023-01-01T08:54:00+00:00\",\"dateModified\":\"2026-04-17T18:07:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/\"},\"wordCount\":1061,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/0103-800x1024-1.jpg\",\"keywords\":[\"CVE-2022-41080 CVE-2022-41082\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/\",\"name\":\"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\\\/CVE-2022-41082) Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/0103-800x1024-1.jpg\",\"datePublished\":\"2023-01-01T08:54:00+00:00\",\"dateModified\":\"2026-04-17T18:07:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/0103-800x1024-1.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/0103-800x1024-1.jpg\",\"width\":800,\"height\":1024,\"caption\":\"Computer screen displaying server log entries.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\\\/CVE-2022-41082) Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"NSFOCUS\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"NSFOCUS\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/","og_locale":"pt_BR","og_type":"article","og_title":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS","og_description":"Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server","og_url":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/","og_site_name":"NSFOCUS","article_published_time":"2023-01-01T08:54:00+00:00","article_modified_time":"2026-04-17T18:07:42+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","type":"","width":"","height":""}],"author":"NSFOCUS","twitter_card":"summary_large_image","twitter_title":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS","twitter_description":"Overview Recently, NSFOCUS CERT found that security teams overseas publicly disclosed the technical details of the exploit chain for Exchange Server","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","twitter_misc":{"Escrito por":"NSFOCUS","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/"},"author":{"name":"NSFOCUS","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert","datePublished":"2023-01-01T08:54:00+00:00","dateModified":"2026-04-17T18:07:42+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/"},"wordCount":1061,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","keywords":["CVE-2022-41080 CVE-2022-41082"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/","url":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/","name":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","datePublished":"2023-01-01T08:54:00+00:00","dateModified":"2026-04-17T18:07:42+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2023\/01\/0103-800x1024-1.jpg","width":800,"height":1024,"caption":"Computer screen displaying server log entries."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/exchange-server-owassrf-vulnerability-cve-2022-41080-cve-2022-41082-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"Exchange Server OWASSRF Vulnerability (CVE-2022-41080\/CVE-2022-41082) Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/#website","url":"https:\/\/nsfocusglobal.com\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"NSFOCUS","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"NSFOCUS"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/22557","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=22557"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/22557\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/35727"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=22557"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=22557"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=22557"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}