CVE-2018-8152

Опубликовано: 09 мая 2018

Источник: nvd

CVSS3: 5.4

CVSS2: 5.8

EPSS Низкий

Описание

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Ссылки

http://www.securityfocus.com/bid/104043
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040850
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8152
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104043
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040850
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8152
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01349

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-8152

msrc

больше 7 лет назад

Microsoft Exchange Server Elevation of Privilege Vulnerability

GHSA-pq9h-wc5w-r94q

CVSS3: 5.4

github

больше 3 лет назад

CVE-2021-27065

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26858

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26857

CVSS3: 7.8

msrc

больше 4 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

EPSS

Процентиль: 79%

0.01349

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-79