Microsoft has released Security Updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
SUs are available in a self-extracting auto-elev...
Updated May 08, 2023
Version 22.0
Blog Post
Installed patch but cannot scan mailboxes...
Running in elevated exchange PS on exchange itself, user HAS ImpersonateApp role...
cmdlet CVE-2023-23397.ps1 at command pipeline position 2
Supply values for the following parameters:
Credential
CVE-2023-23397 script version 23.03.14.1625
Exception setting "Credentials": "Cannot convert the "Microsoft.Exchange.WebServices.Data.WebCredentials" value of type "Microsoft.Exchange.WebServices.Data.WebCredentials" to type "Microsoft.Exchange.WebServices.Data.ExchangeCredentials"."
At C:\Users\Administrator.DOMAIN\Desktop\CVE-2023-23397.ps1:1050 char:13
+ $Service.Credentials = New-Object Microsoft.Exchange.WebS ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
Exception setting "ImpersonatedUserId": "Cannot convert the "Microsoft.Exchange.WebServices.Data.ImpersonatedUserId" value of type "Microsoft.Exchange.WebServices.Data.ImpersonatedUserId" to type "Microsoft.Exchange.WebServices.Data.ImpersonatedUserId"."
[03/14/2023 19:31:34] : Scanning 3 of 7 mailboxes (currently: DiscoverySearchMailbox{GUID2}@domain.com)
[03/14/2023 19:31:34] : Unable to process mailbox DiscoverySearchMailbox{DiscoverySearchMailbox{GUID2}@domain.com, Either you don't have proper impersonation rights or the mailbox is inaccessible. Inner Exception: