Описание
Microsoft Exchange Server Spoofing Vulnerability
FAQ
According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?
An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.
According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?
Yes, the attacker must be authenticated with LAN-access and have credentials for a valid Exchange user.
How could an attacker exploit this vulnerability?
An authenticated attacker could achieve exploitation by using a PowerShell remoting session to the server.
According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?
An authenticated attacker could exploit this vulnerability with LAN access.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Exchange Server 2019 Cumulative Update 12 | ||
| Microsoft Exchange Server 2016 Cumulative Update 23 | ||
| Microsoft Exchange Server 2019 Cumulative Update 13 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
8 High
CVSS3
Связанные уязвимости
Уязвимость метода IsUNCPath почтового сервера Microsoft Exchange Server, позволяющая нарушителю проводить спуфинг-атаки
EPSS
8 High
CVSS3