Forum Discussion

Product Team

3 years ago

Tenable Research Update On ProxyNotShell (CVE-2022-41040,...

Tenable Research Update On ProxyNotShell (CVE-2022-41040, CVE-2022-41082) Update 10/6: A new plugin has been released. Read below for more details. As new information and research into the two zero...

Cyber Exposure Alerts

ext_mcaracciolo

Connect Contributor

3 years ago

Hi,

We are facing the same issue as Dean Rhoades

We have implemented the following recommended mitigation, but the plugins still find our servers as vulnerable (https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/).

The plugin only identify the exchange servers or also test vulnerability?

how can i know if this is remediated ?

Thanks!

scaveza
Product Team
3 years ago
Hi Martin,
I've confirmed with the plugins team that Plugin ID 165705 will flag Exchange servers based on the version information reported. The plugin does not check systems for the presence of Microsoft's suggested mitigations.

Forum Discussion

Tenable Research Update On ProxyNotShell (CVE-2022-41040,...

Recent Discussions

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)

Americas

Europe

Asia / Australia