{"id":665,"date":"2023-03-16T10:18:43","date_gmt":"2023-03-16T10:18:43","guid":{"rendered":"https:\/\/www.decoutere.eu\/?p=665"},"modified":"2023-03-16T10:56:29","modified_gmt":"2023-03-16T10:56:29","slug":"cve-2023-23397","status":"publish","type":"post","link":"https:\/\/www.decoutere.eu\/index.php\/2023\/03\/16\/cve-2023-23397\/","title":{"rendered":"CVE-2023-23397"},"content":{"rendered":"<div id=\"pl-665\"  class=\"panel-layout\" ><div id=\"pg-665-0\"  class=\"panel-grid panel-no-style\" ><div id=\"pgc-665-0-0\"  class=\"panel-grid-cell\" ><div id=\"panel-665-0-0-0\" class=\"so-panel widget widget_sow-editor panel-first-child\" data-index=\"0\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-editor so-widget-sow-editor-base\"\n\t\t\t\n\t\t>\n<div class=\"siteorigin-widget-tinymce textwidget\">\n\t<p>cfr microsoft note : <a href=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Security\/CVE-2023-23397\/\">CVE-2023-23397 script - Microsoft - CSS-Exchange<\/a><\/p>\n<p>powershell in admin mode<\/p>\n<p>Connect-MSOLService<\/p>\n<p><span class=\"enlighter-m0\">Install-Module<\/span><span class=\"enlighter-text\"> AzureAD<\/span><\/p>\n<p>import-Module ExchangeOnlineManagement<br \/>\nInstall-Module -Name ExchangeOnlineManagement -RequiredVersion 3.1.0<\/p>\n<p>Connect-ExchangeOnline -UserPrincipalName user@domein.be<\/p>\n<ul>\n<li><span class=\"p\">.\\<\/span><span class=\"n\">CVE<\/span><span class=\"p\">-<\/span><span class=\"n\">2023<\/span><span class=\"p\">-<\/span><span class=\"n\">23397<\/span><span class=\"p\">.<\/span><span class=\"n\">ps1<\/span> <span class=\"n\">-CreateAzureApplication<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div><\/div><div id=\"panel-665-0-0-1\" class=\"so-panel widget widget_sow-image\" data-index=\"1\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-image so-widget-sow-image-default-c67d20f9f743-665\"\n\t\t\t\n\t\t>\n<div class=\"sow-image-container\">\n\t\t<img \n\tsrc=\"https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-1.jpg\" width=\"686\" height=\"162\" srcset=\"https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-1.jpg 686w, https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-1-300x71.jpg 300w\" sizes=\"(max-width: 686px) 100vw, 686px\" alt=\"\" \t\tclass=\"so-widget-image\"\/>\n\t<\/div>\n\n<\/div><\/div><div id=\"panel-665-0-0-2\" class=\"so-panel widget widget_sow-editor\" data-index=\"2\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-editor so-widget-sow-editor-base\"\n\t\t\t\n\t\t>\n<div class=\"siteorigin-widget-tinymce textwidget\">\n\t<ul>\n<li>download : https:\/\/api.nuget.org\/v3-flatcontainer\/microsoft.exchange.webservices\/2.2.0\/microsoft.exchange.webservices.2.2.0.nupkg<\/li>\n<li>unzip<\/li>\n<li>download script : https:\/\/github.com\/microsoft\/CSS-Exchange\/releases\/latest\/download\/CVE-2023-23397.ps1<\/li>\n<li>run in elevated powershell : Get-Mailbox | .\\CVE-2023-23397.ps1 -Environment \"Online\"<\/li>\n<\/ul>\n<\/div>\n<\/div><\/div><div id=\"panel-665-0-0-3\" class=\"so-panel widget widget_sow-image\" data-index=\"3\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-image so-widget-sow-image-default-c67d20f9f743-665\"\n\t\t\t\n\t\t>\n<div class=\"sow-image-container\">\n\t\t<img \n\tsrc=\"https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-2.jpg\" width=\"957\" height=\"329\" srcset=\"https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-2.jpg 957w, https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-2-300x103.jpg 300w, https:\/\/www.decoutere.eu\/wp-content\/uploads\/2023\/03\/CVE-2023-23397-2-768x264.jpg 768w\" sizes=\"(max-width: 957px) 100vw, 957px\" alt=\"\" \t\tclass=\"so-widget-image\"\/>\n\t<\/div>\n\n<\/div><\/div><div id=\"panel-665-0-0-4\" class=\"so-panel widget widget_sow-editor panel-last-child\" data-index=\"4\" ><div\n\t\t\t\n\t\t\tclass=\"so-widget-sow-editor so-widget-sow-editor-base\"\n\t\t\t\n\t\t>\n<div class=\"siteorigin-widget-tinymce textwidget\">\n\t<ul>\n<li><span class=\"p\">.\\<\/span><span class=\"n\">CVE<\/span><span class=\"p\">-<\/span><span class=\"n\">2023<\/span><span class=\"p\">-<\/span><span class=\"n\">23397<\/span><span class=\"p\">.<\/span><span class=\"n\">ps1<\/span> <span class=\"n\">-DeleteAzureApplication<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div><\/div><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>cfr microsoft note : CVE-2023-23397 script &#8211; Microsoft &#8211; CSS-Exchange powershell in admin mode Connect-MSOLService Install-Module AzureAD import-Module ExchangeOnlineManagement Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.1.0 Connect-ExchangeOnline -UserPrincipalName user@domein.be .\\CVE-2023-23397.ps1 -CreateAzureApplication download : https:\/\/api.nuget.org\/v3-flatcontainer\/microsoft.exchange.webservices\/2.2.0\/microsoft.exchange.webservices.2.2.0.nupkg unzip download script : https:\/\/github.com\/microsoft\/CSS-Exchange\/releases\/latest\/download\/CVE-2023-23397.ps1 run in elevated powershell : Get-Mailbox | .\\CVE-2023-23397.ps1 -Environment &#8220;Online&#8221; .\\CVE-2023-23397.ps1 -DeleteAzureApplication<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-665","post","type-post","status-publish","format-standard","hentry","category-geen-categorie"],"_links":{"self":[{"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/posts\/665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/comments?post=665"}],"version-history":[{"count":14,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/posts\/665\/revisions"}],"predecessor-version":[{"id":681,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/posts\/665\/revisions\/681"}],"wp:attachment":[{"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/media?parent=665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/categories?post=665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.decoutere.eu\/index.php\/wp-json\/wp\/v2\/tags?post=665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}