Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2018-8581

Опубликовано: 13 нояб. 2018
Источник: msrc
EPSS Критический

Описание

Microsoft Exchange Server Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby allowing impersonation of another Exchange user.

To address this vulnerability, a registry value which enables NTLM authentication on the network loopback adapter needs to be removed. Future cumulative updates will ensure that this registry setting is configured correctly during installation of the cumulative update.

FAQ

A registry value DisableLoopbackCheck exists under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa. The vulnerability described by CVE-2018-8581 is unexploitable if the DisableLoopbackCheck registry value is removed.

To remove the registry value, type the following command in an elevated CMD window:

reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v DisableLoopbackCheck /f

Neither a restart of the operating system nor the Exchange Server is required after the removal of this registry value.

Note: It is important to remove only the DisableLoopbackCheck value. Care should be taken to not remove the Lsa key.

Возможность эксплуатации

Publicly Disclosed

No

Exploited

No

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 100%
0.915
Критический

Связанные уязвимости

nvd логотип

CVE-2018-8581

CVSS3: 7.4
nvd
около 7 лет назад

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

github логотип

GHSA-h9jh-6fmr-vvc6

CVSS3: 7.4
github
больше 3 лет назад

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

fstec логотип

BDU:2019-00409

CVSS3: 8.1
fstec
около 7 лет назад

Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками разграничения доступа, позволяющая нарушителю повысить свои привилегии

msrc логотип

CVE-2021-27065

CVSS3: 7.8
msrc
почти 5 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

msrc логотип

CVE-2021-26858

CVSS3: 7.8
msrc
почти 5 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

EPSS

Процентиль: 100%
0.915
Критический