CVE-2018-0941

Опубликовано: 14 мар. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Средний

Описание

Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure vulnerability due to how data is imported, aka "Microsoft Exchange Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0924.

Ссылки

http://www.securityfocus.com/bid/103318
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040521
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0941
Patch
Vendor Advisory
http://www.securityfocus.com/bid/103318
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040521
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0941
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_7:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.25846

Средний

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-0941

msrc

больше 7 лет назад

Microsoft Exchange Information Disclosure Vulnerability

GHSA-x3h6-6762-5q8f

CVSS3: 5.5

github

около 3 лет назад

CVE-2021-27065

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26858

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26857

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

EPSS

Процентиль: 96%

0.25846

Средний

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo