6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.026 Low
EPSS
Percentile
90.0%
03/13/2018
Warning
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges.
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20
Microsoft Exchange Server 2013 Cumulative Update 18
Microsoft Exchange Server 2013 Cumulative Update 19
Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2016 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 8
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2018-0924
CVE-2018-0940
CVE-2018-0941
OSI
CVE-2018-09244.3Warning
CVE-2018-09404.3Warning
CVE-2018-09414.3Warning
support.microsoft.com/kb/4073392
support.microsoft.com/kb/4073537
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0941
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0924
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0940
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0941
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.026 Low
EPSS
Percentile
90.0%