28 lines
1.1 KiB
PowerShell
28 lines
1.1 KiB
PowerShell
Set-StrictMode -Version 2
|
|
|
|
$SNC = (Get-ADRootDSE).SchemaNamingContext
|
|
$ob = "CN=ms-Exch-Schema-Version-Pt," + $SNC
|
|
|
|
try {
|
|
$rangeupper = $(Get-ADObject $ob -Properties rangeUpper).rangeUpper
|
|
} catch {
|
|
Write-Host "Exchange Schema not found. Not vulnerable"
|
|
return
|
|
}
|
|
# Version list
|
|
# https://docs.microsoft.com/en-us/exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2019#exchange-active-directory-versions
|
|
|
|
# Exchange 2016 CU21 15334
|
|
# Exchange 2019 CU10 17003
|
|
|
|
if ($rangeupper -ge 17003) {
|
|
write-host "SECURE: Detected Exchange 2019 CU10 Schema"
|
|
} elseif ($rangeupper -lt 17003 -and $rangeupper -ge 17000) {
|
|
Write-Host "NOT SECURE: Detected Exchange 2019 schema of vulnerable version"
|
|
} elseif ($rangeupper -lt 17000 -and $rangeupper -ge 15334) {
|
|
Write-Host "SECURE: Detected Exchange 2016 CU21 Schema"
|
|
} elseif ($rangeupper -lt 15334 -and $rangeupper -ge 15317) {
|
|
Write-Host "NOT SECURE: Detected Exchange 2016 schema of vulnerable version"
|
|
} else {
|
|
Write-Host "Unknown: Schema information not documented for earlier versions of Exchange"
|
|
} |