Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Microsoft Exchange server 2013 and newer are vulnerable to NTLM relay attacks

🗓️ 28 Jan 2019 00:00:00Reported by Dirk-jan MollemaType 
cert
 cert🔗 www.kb.cert.org👁 253 Views

Microsoft Exchange 2013 and newer vulnerable to NTLM relay attacks. EWS PushSubscriptionRequest function allows remote attackers to gain privileges. Update or disable EWS subscriptions to mitigate

Related
Refs
ReporterTitlePublishedViews
Family
Information Security Automation		Vulnerability Management at Tinkoff Fintech School
4 Mar 201910:38
avleonov
BDU FSTEC		The vulnerability of Microsoft Exchange Server, related to access control deficiencies, allows a perpetrator to gain access to protected information or modify file access rights.
6 Mar 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of Microsoft Exchange Server’s mail server, related to inadequate access control, allows a hacker to alter the access rights to files.
6 Mar 201900:00
bdu_fstec
Circl		CVE-2019-0686
13 Feb 201914:35
circl
Circl		CVE-2019-0724
18 Oct 201911:36
circl
Check Point Advisories		Microsoft Exchange Privilege Escalation (CVE-2019-0724)
30 Dec 201900:00
checkpoint_advisories
CVE		CVE-2019-0686
6 Mar 201900:00
cve
CVE		CVE-2019-0724
6 Mar 201900:00
cve
Cvelist		CVE-2019-0686
6 Mar 201900:00
cvelist
Cvelist		CVE-2019-0724
6 Mar 201900:00
cvelist
Rows per page
SourceLink
dirkjanmwww.dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190007
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724
thezdiwww.thezdi.com/blog/2018/12/19/an-insincere-form-of-flattery-impersonating-users-on-microsoft-exchange
docswww.docs.microsoft.com/en-us/dotnet/api/microsoft.exchange.webservices.data.pushsubscription
docswww.docs.microsoft.com/en-us/exchange/client-developer/web-service-reference/pushsubscriptionrequest
docswww.docs.microsoft.com/en-us/previous-versions/office/developer/exchange-server-2010/dd877045(v%3Dexchg.140)
msdnwww.msdn.microsoft.com/en-us/library/cc236702.aspx
msdnwww.msdn.microsoft.com/en-us/library/cc236707.aspx
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Jun 2019 20:21Current
8.2High risk
Vulners AI Score8.2
CVSS 29.3
CVSS 37.4
CVSS 3.18.1
EPSS0.23799
microsoft exchangentlm relayremote attackerewsupdatedisableactive directoryvulnerability
253