Vulnerabilities > CVE-2018-8581 - Unspecified vulnerability in Microsoft Exchange Server

047910
CVSS 7.4 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
NONE
network
high complexity
microsoft
nessus

Summary

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Nessus

NASL familyWindows
NASL idSMB_NT_MS18_NOV_EXCHANGE_SERVER_CVE-2018-8581.NASL
descriptionThe Microsoft Exchange install on the remote host contains an unspecified flaw that allows an authenticated, man-in-the-middle attacker to impersonate another user and escalate privileges.
last seen2020-06-01
modified2020-06-02
plugin id118978
published2018-11-16
reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/118978
titleMicrosoft Exchange Server Elevation of Privilege Vulnerability (November 2018)

The Hacker News

idTHN:FC0A657EEDC66A38CB29C06FB477EEF0
last seen2018-11-14
modified2018-11-14
published2018-11-14
reporterThe Hacker News
sourcehttps://thehackernews.com/2018/11/microsoft-patch-tuesday-updates.html
title63 New Flaws (Including 0-Days) Windows Users Need to Patch Now