CVE-2018-8581

Warning

EPSS 90.92%
Published 14.11.2018 01:29:01
Last modified 04.04.2025 20:30:27
Source secure@microsoft.com
Teams watchlist Login
Open Login

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Affected products Warnungen 1 Metrics 4 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2010 Update-

Microsoft ≫ Exchange Server Version2013 Update-

Microsoft ≫ Exchange Server Version2016 Update-

Microsoft ≫ Exchange Server Version2019 Update-

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Exchange Server Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	90.92%	0.996

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.4	2.2	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.4	2.2	5.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

http://www.securityfocus.com/bid/105837

Third Party Advisory

Broken Link

VDB Entry

http://www.securitytracker.com/id/1042141

Third Party Advisory

Broken Link

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-8581

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-8581

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-8581

EUVD