ID:88 - Exploit for Improper access control in Microsoft Exchange Server - CVE-2019-0724

 

Published: March 18, 2020


Vulnerability identifier: #VU17588
Vulnerability risk: Medium
CVE-ID: CVE-2019-0724
CWE-ID: CWE-284
Exploitation vector: Remote access
Vulnerable software:
Microsoft Exchange Server

Link to public exploit:


Vulnerability description

The vulnerability allows a remote authenticated user to gain escalated privileges.

The vulnerability exists due to improper access restrictions within Exchange Web Services (EWS). A remote authenticated user with limited privileges and mailbox access can perform a man-in-the-middle (MitM) attack to forward an authentication request to a Microsoft Active Directory domain controller and gain elevated privileges on the domain controller.

Successful exploitation of the vulnerability may allow an attacker to gain full access to the Active Directory infrastructure.

Remediation

Install updates from the vendor's website.