8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.076 Low
EPSS
Percentile
94.1%
02/12/2019
High
Multiple elevation of privilege vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges.
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 26
Microsoft Exchange Server 2016 Cumulative Update 12
Microsoft Exchange Server 2013 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2019-0724
CVE-2019-0686
ADV190004
PE
CVE-2019-07249.3Critical
CVE-2019-06865.8High
4471391
4471392
4487052
4345836
support.microsoft.com/kb/4345836
support.microsoft.com/kb/4471391
support.microsoft.com/kb/4471392
support.microsoft.com/kb/4487052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0724
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190004
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Exchange-Server/
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.076 Low
EPSS
Percentile
94.1%