Vulnerabilities > CVE-2018-8581 - Unspecified vulnerability in Microsoft Exchange Server
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Nessus
NASL family | Windows |
NASL id | SMB_NT_MS18_NOV_EXCHANGE_SERVER_CVE-2018-8581.NASL |
description | The Microsoft Exchange install on the remote host contains an unspecified flaw that allows an authenticated, man-in-the-middle attacker to impersonate another user and escalate privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 118978 |
published | 2018-11-16 |
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/118978 |
title | Microsoft Exchange Server Elevation of Privilege Vulnerability (November 2018) |
The Hacker News
id | THN:FC0A657EEDC66A38CB29C06FB477EEF0 |
last seen | 2018-11-14 |
modified | 2018-11-14 |
published | 2018-11-14 |
reporter | The Hacker News |
source | https://thehackernews.com/2018/11/microsoft-patch-tuesday-updates.html |
title | 63 New Flaws (Including 0-Days) Windows Users Need to Patch Now |
References
- http://www.securityfocus.com/bid/105837
- http://www.securityfocus.com/bid/105837
- http://www.securitytracker.com/id/1042141
- http://www.securitytracker.com/id/1042141
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581