Forum Discussion

Product Team

3 years ago

Tenable Research Update On ProxyNotShell (CVE-2022-41040,...

Tenable Research Update On ProxyNotShell (CVE-2022-41040, CVE-2022-41082) Update 10/6: A new plugin has been released. Read below for more details. As new information and research into the two zero...

Cyber Exposure Alerts

luke_barlow

3 years ago

I'm also finding the same results that Martin Caracciolo and Dean Rhoades are experiencing. We have performed what Microsoft has informed on what to do, but it's still showing as discovered and vulnerable.

What is the check this plugin is looking at, so I can work through our mitigation and fix any vulnerabilities present.

Thanks!

scaveza
Product Team
3 years ago
Hi Luke,
I've confirmed with the plugins team that Plugin ID 165705 will flag Exchange servers based on the version information reported. The plugin does not check systems for the presence of Microsoft's suggested mitigations.
- luke_barlow
  3 years ago
  Hey Scott,
  Thanks for the information.

Forum Discussion

Tenable Research Update On ProxyNotShell (CVE-2022-41040,...

Recent Discussions

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)

Americas

Europe

Asia / Australia