10 matches found
Microsoft Exchange Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange Privilege Escalation Exploit', 'Description' = %q This module exploits a privilege escalation vulnerability found in Microsoft...
Microsoft Exchange Privilege Escalation (CVE-2019-0724)
An elevation of privilege vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2019-0724
creationtimestamp| type| source ---|---|--- 2019-10-18 11:36:43+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/exchangewebserverpushsubscription.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
CVE-2019-0724
CVE-2019-0724 is a Microsoft Exchange Server privilege-escalation vulnerability. Exploitation (documented in Metasploit module) can force Exchange to authenticate to an attacker-controlled URL via the PushSubscription feature, permitting NTLM relay to a Domain Controller and use of Exchange privi...
CVE-2019-0724
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686...
CVE-2019-0724
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686...
Privilege escalation
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724...
Microsoft Exchange Privilege Escalation Exploit
This module exploits a privilege escalation vulnerability found in Microsoft Exchange - CVE-2019-0724 Execution of the module will force Exchange to authenticate to an arbitrary URL over HTTP via the Exchange PushSubscription feature. This allows us to relay the NTLM authentication to a Domain...
Cumulative Update 12 for Exchange Server 2016
Cumulative Update 12 for Exchange Server 2016 Cumulative Update 12 for Microsoft Exchange Server 2016 was released on February 12, 2019. This cumulative update is a security update. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. The...
KLA11420 Multiple vulnerabilities in Microsoft Exchange Server
Multiple elevation of privilege vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges. Original advisories CVE-2019-0724 CVE-2019-0686 ADV190004 Related products Microsoft-Exchange-Server CVE list CVE-2019-0724 critical...