7.4

CVE-2018-8581

Warnung
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExchange Server Version2010 Update-
MicrosoftExchange Server Version2013 Update-
MicrosoftExchange Server Version2016 Update-
MicrosoftExchange Server Version2019 Update-

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Exchange Server Privilege Escalation Vulnerability

Schwachstelle

A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 27.36% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.4 2.2 5.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.4 2.2 5.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/105837
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id/1042141
Third Party Advisory
Broken Link
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581
Patch
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8581
US Government Resource