CVE-2002-0054 — Authentication Bypass by Capture-replay in Microsoft Exchange Server

CWE-294 — Authentication Bypass by Capture-replay3 documents3 sources

Severity

7.5HIGHNVD

EPSS

12.5%

top 6.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Exchange Server

Timeline

PublishedMar 8

Latest updateApr 30

Description

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/exchange_server5.5

Patches

Patch: www.securityfocus.com ↗Patch: docs.microsoft.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-7h4w-2f9g-63r2: SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5↗2022-04-30

▶

CVEList

CVE-2002-0054: SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5↗2003-04-02

▶