ID CVE-2018-8302
Summary A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_20:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_20:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 104973
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302
sectrack 1041468
Last major update 24-08-2020 - 17:37
Published 15-08-2018 - 17:29
Last modified 24-08-2020 - 17:37
Back to Top