Main Vulnerability Database Vulnerabilities #VU17588

Improper access control in Microsoft Exchange Server - CVE-2019-0724

Published: February 12, 2019 / Updated: October 29, 2019

Vulnerability identifier: #VU17588

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/U:Green

CVE-ID: CVE-2019-0724

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vendor: Microsoft

Affected software:
Microsoft Exchange Server

Detailed vulnerability description

The vulnerability allows a remote authenticated user to gain escalated privileges.

The vulnerability exists due to improper access restrictions within Exchange Web Services (EWS). A remote authenticated user with limited privileges and mailbox access can perform man-in-the-moddle (MitM) attack to forward an authentication request to a Microsoft Active Directory domain controller and gain elevated privileges on the domain controller.

Successful exploitation of the vulnerability may allow an attacker to gain full access to the Active Directory infrastructure.

How to mitigate CVE-2019-0724

Install updated from vendor's website.

Improper access control in Microsoft Exchange Server - CVE-2019-0724

Detailed vulnerability description

How to mitigate CVE-2019-0724

Sources

Please verify you're human