#VU17588 Improper access control in Microsoft Exchange Server - CVE-2019-0724

Published: February 12, 2019 / Updated: October 29, 2019


Vulnerability identifier: #VU17588
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/U:Green
CVE-ID: CVE-2019-0724
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: Public exploit is available
Vulnerable software:
Microsoft Exchange Server
Software vendor:
Microsoft

Description

The vulnerability allows a remote authenticated user to gain escalated privileges.

The vulnerability exists due to improper access restrictions within Exchange Web Services (EWS). A remote authenticated user with limited privileges and access to a mailbox can perform a man-in-the-middle (MitM) attack: an authentication request from the Exchange server is forwarded to a Microsoft Active Directory domain controller, where it is accepted with the Exchange server's privileges rather than the attacker's, giving the attacker elevated privileges on the domain controller.

Successful exploitation of the vulnerability may allow an attacker to gain full access to the Active Directory infrastructure.
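The forwarded authentication described above leaves a trace on the domain controller: a network logon of the Exchange server's computer account that originates from the attacker's machine rather than from the Exchange server. The following is an added detection example for this advisory, not code from the original page or from Microsoft. It runs over constructed records that mimic the fields of Windows Security event 4624 exported as JSON lines (not real logs); the server inventory `KNOWN_SERVER_IPS` and the field names are assumptions that must be matched to the collector in use.

```python
"""Flag machine-account network logons on a domain controller that come from an
address the account is not expected to use (the pattern produced when a server's
authentication is forwarded to the DC by a third party).

Added example for this advisory; not code from the vendor or the original page.
Sample records and the server inventory below are constructed, not real data.
"""
import ipaddress
import json

# Constructed inventory (assumption): addresses from which each monitored
# computer account legitimately authenticates. Add load-balancer or DAG
# addresses here if the servers authenticate through them.
KNOWN_SERVER_IPS = {
    "EXCH01$": {"10.0.1.10"},
}

# Constructed sample export, one JSON object per line (not real event data).
SAMPLE_LOG = """\
{"EventID": 4624, "TargetUserName": "EXCH01$", "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM", "IpAddress": "10.0.1.10", "WorkstationName": "EXCH01"}
{"EventID": 4624, "TargetUserName": "jdoe", "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "Kerberos", "IpAddress": "10.0.5.23", "WorkstationName": "WS-JDOE"}
{"EventID": 4624, "TargetUserName": "EXCH01$", "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM", "IpAddress": "10.0.5.77", "WorkstationName": "WS-JDOE"}
{"EventID": 4624, "TargetUserName": "EXCH01$", "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "Kerberos", "IpAddress": "::ffff:10.0.1.10", "WorkstationName": "EXCH01"}
{"EventID": 4624, "TargetUserName": "EXCH01$", "TargetDomainName": "CORP", "LogonType": 3, "AuthenticationPackageName": "NTLM", "IpAddress": "-", "WorkstationName": "-"}
{"EventID": 4672, "TargetUserName": "EXCH01$", "TargetDomainName": "CORP"}
"""


def parse_events(text):
    """Parse a JSON-lines export into a list of event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def normalize_ip(raw):
    """Return a canonical address string, unwrapping IPv4-mapped IPv6
    ("::ffff:a.b.c.d", which some collectors emit). Returns None when the
    field is absent ("-", as Windows logs for local logons) or not an address."""
    try:
        addr = ipaddress.ip_address(raw)
    except ValueError:
        return None
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return str(addr)


def find_suspect_logons(events, known_ips=KNOWN_SERVER_IPS):
    """Return network logons (EventID 4624, LogonType 3) of a monitored computer
    account whose source address is not in that account's inventory."""
    suspects = []
    for ev in events:
        if ev.get("EventID") != 4624 or ev.get("LogonType") != 3:
            continue  # only successful network logons are of interest
        account = ev.get("TargetUserName", "")
        if not account.endswith("$") or account not in known_ips:
            continue  # user account, or a computer account we do not monitor
        src = normalize_ip(ev.get("IpAddress", "-"))
        if src is None:
            continue  # no usable source address to compare against
        if src not in known_ips[account]:
            suspects.append({
                "account": account,
                "source_ip": src,
                "auth_package": ev.get("AuthenticationPackageName"),
                "workstation": ev.get("WorkstationName"),
            })
    return suspects


if __name__ == "__main__":
    for hit in find_suspect_logons(parse_events(SAMPLE_LOG)):
        print("suspect logon:", hit)
```

On the constructed sample this flags exactly one record, the NTLM logon of `EXCH01$` from 10.0.5.77, and ignores the legitimate logons from 10.0.1.10 (including the IPv4-mapped form) and the record with no source address. Forwarded authentication of this kind arrives as NTLM, so the `auth_package` field is worth keeping in the alert; the check is a signal to investigate, not proof of exploitation, and its precision depends on the inventory being complete.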

Remediation

Install updates from the vendor's website.



External links