Headline
CVE-2023-38185: Microsoft Exchange Server Remote Code Execution Vulnerability
According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?
Yes, the attacker must be authenticated.