CVE-2018-8581

Warnung

EPSS 90.92%
Veröffentlicht 14.11.2018 01:29:01
Zuletzt bearbeitet 04.04.2025 20:30:27
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2010 Update-

Microsoft ≫ Exchange Server Version2013 Update-

Microsoft ≫ Exchange Server Version2016 Update-

Microsoft ≫ Exchange Server Version2019 Update-

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Exchange Server Privilege Escalation Vulnerability

Schwachstelle

A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	90.92%	0.996

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.4	2.2	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.4	2.2	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

http://www.securityfocus.com/bid/105837

Third Party Advisory

Broken Link

VDB Entry

http://www.securitytracker.com/id/1042141

Third Party Advisory

Broken Link

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-8581

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-8581

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-8581

EUVD