ID |
CVE-2018-8154
|
Summary |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. This CVE ID is unique from CVE-2018-8151. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_19:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_19:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_20:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_20:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
|
CVSS |
Base: | 10.0 (as of 24-08-2020 - 17:37) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-787 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
24-08-2020 - 17:37 |
Published |
09-05-2018 - 19:29 |
Last modified |
24-08-2020 - 17:37 |