[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Exchange Server Elevation of Privilege Vulnerability - CVE-2019-1136

ID: oval:org.secpod.oval:def:57255Date: (C)2019-07-10   (M)2024-03-26
Class: VULNERABILITYFamily: windows




An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other users.Exploitation of this vulnerability requires Exchange Web Services (EWS) to be enabled and in use in an affected environment. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby allowing impersonation of another Exchange user.

Platform:
Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product:
Microsoft Exchange Server 2016
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Reference:
CVE-2019-1136
CVE    1
CVE-2019-1136
CPE    6
cpe:/a:microsoft:exchange_server:2010
cpe:/a:microsoft:exchange_server:2013
cpe:/a:microsoft:exchange_server:2016
cpe:/a:microsoft:exchange_server:2016:cu13
...

© SecPod Technologies