CVE-2019-0686
Published: 2019-03-05
CVE-2019-0686: An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID…
Priority P344 · high · 7.4 CVSS 3.0
AV:N / AC:H / PR:N / UI:N / S:U / C:H / I:H / A:N
EPSS: 5.04% (91.2th percentile)
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.
Affected
31 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
| microsoft | microsoft_exchange_server_2010 | — | — |
| microsoft | microsoft_exchange_server_2013 | — | — |
| microsoft | microsoft_exchange_server_2016 | — | — |
| microsoft | microsoft_exchange_server_2019 | — | — |
| msrc | microsoft_exchange_server_2010_service_pack_3 | — | — |
| msrc | microsoft_exchange_server_2010_service_pack_3_update_rollup_26 | — | — |
| msrc | microsoft_exchange_server_2013_cumulative_update_21 | — | — |
| msrc | microsoft_exchange_server_2013_cumulative_update_22 | — | — |
| msrc | microsoft_exchange_server_2013_cumulative_update_23 | — | — |
| msrc | microsoft_exchange_server_2013_service_pack_1 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_10 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_11 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_12 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_13 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_14 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_15 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_16 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_17 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_18 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_19 | — | — |
| msrc | microsoft_exchange_server_2016_cumulative_update_8 | — | — |
CVSS provenance
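| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.4 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
| nvd | v2.0 | 5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
| vendor_msrc | — | 9.1 | CRITICAL | — |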
GHSA
GHSA-r53v-h866-83xq: An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'
ghsa_unreviewed·2022-05-13·CVSS 7.4
CVE-2019-0724 [HIGH] GHSA-r53v-h866-83xq: An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686.
GHSA
GHSA-95f3-h5c9-7w6c: An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'
ghsa_unreviewed·2022-05-13·CVSS 8.1
CVE-2019-0686 [HIGH] GHSA-95f3-h5c9-7w6c: An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724.
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability
vendor_msrc·2021-03-09·CVSS 7.8
CVE-2021-26857 [CRITICAL] Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ: Is this vulnerability being used in an active attack?
Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.
What is the target for this attack?
The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.
Where can I get more information about how to protect myself from the vulnerabilities?
Pleas
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability
vendor_msrc·2021-03-09·CVSS 9.1
CVE-2021-26855 [CRITICAL] Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ: Is this vulnerability being used in an active attack?
Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.
What is the target for this attack?
The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.
Where can I get more information about how to protect myself from the vulnerabilities?
Pleas
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability
vendor_msrc·2021-03-09·CVSS 7.8
CVE-2021-27065 [CRITICAL] Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ: Is this vulnerability being used in an active attack?
Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.
What is the target for this attack?
The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.
Where can I get more information about how to protect myself from the vulnerabilities?
Pleas
Microsoft
Microsoft Exchange Server Remote Code Execution Vulnerability
vendor_msrc·2021-03-09·CVSS 7.8
CVE-2021-26858 [CRITICAL] Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
FAQ: Is this vulnerability being used in an active attack?
Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.
What is the target for this attack?
The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.
Where can I get more information about how to protect myself from the vulnerabilities?
Pleas
Microsoft
Microsoft Exchange Server Elevation of Privilege Vulnerability
vendor_msrc·2019-02-12·CVSS 7.4
CVE-2019-0686 [HIGH] Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other users.
Exploitation of this vulnerability requires Exchange Web Services (EWS) and Push Notifications to be enabled and in use in an affected environment. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby allowing impersonation of another Exchange user.
To address this vulnerability, Microsoft has changed t
Microsoft
Microsoft Exchange Server Elevation of Privilege Vulnerability
vendor_msrc·2019-02-12·CVSS 7.4
CVE-2019-0724 [HIGH] Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Description: An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as a Domain Administrator.
Exploitation of this vulnerability requires Exchange Web Services (EWS) and Push Notifications to be enabled and in use in an affected environment. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Active Directory domain controller, thereby facilitating gaining of increased privileges on the domain controller.
To address this vulnerability, Microsoft has evaluated the rights granted to Exchange Servers and Exchange Administrators in the
No detection rules found.
No public exploits indexed.
Trendmicro
February Patch Tuesday: Batch Includes 77 Updates
blogs_trendmicro·2019-02-13·CVSS 9.8
[CRITICAL] February Patch Tuesday: Batch Includes 77 Updates
Exploits & Vulnerabilities
## February Patch Tuesday: Batch Includes 77 Updates
Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office, among others.
By: Trend Micro Research, Feb 13, 2019
It’s time to get security updates installed. Microsoft released 77 updates, along with three new advisories, in this month’s Patch Tuesday. The bulletin patches four publicly known bugs, rated Important, and one that is under active attack. It includes fixes for ChakraCore, Edge, Exchange Server, Internet Explorer (IE), Microsoft Windows, Office and Microsoft Office Services and Web Apps, Azure, Team Foundation Services, a
Krebs
Patch Tuesday, February 2019 Edition
blogs_krebs·2019-02-13·CVSS 9.8
[CRITICAL] Patch Tuesday, February 2019 Edition
Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicly disclosed prior to Patch Tuesday. It also bundles fixes to quash threats relevant to end users, including critical updates for Adobe Flash Player and Microsoft Office, as well as a zero-day bug in Internet Explorer.
Some 20 of the flaws addressed in February’s update bundle are weaknesses labeled “critical,” meaning Microsoft believes that attackers or malware could exploit them to fully compromise systems through little or no help from users — save from convincing a user to visit a
Qualys
February 2019 Patch Tuesday – 74 Vulns, 20 Critical, Exchange 0-day, Adobe Vulns
blogs_qualys·2019-02-12·CVSS 8.8
[HIGH] February 2019 Patch Tuesday – 74 Vulns, 20 Critical, Exchange 0-day, Adobe Vulns
This month’s Patch Tuesday is very large, with 74 vulns being addressed of which 20 are labeled as critical. Fifteen of these critical vulns are in the Scripting Engine and browsers, with the remainder being GDI+, SharePoint, and DHCP. Microsoft also issued an Advisory for an Exchange 0-day, along with a patch for one of the two reported vulns. Adobe also released updates for Acrobat/Reader, Flash, Coldfusion, and Creative Cloud.
## Workstation Patches
Browser, Scripting Engine, and GDI+ patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.
## Exchange
In late January, a 0-day exploit was announced for Microsoft Exchange.
Krebs
Patch Tuesday, February 2019 Edition
blogs_krebs·2019-02-12·CVSS 9.8
[CRITICAL] Patch Tuesday, February 2019 Edition
Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicly disclosed prior to Patch Tuesday. It also bundles fixes to quash threats relevant to end users, including critical updates for Adobe Flash Player and Microsoft Office, as well as a zero-day bug in Internet Explorer.
Microsoft patched a bug in Internet Exploder Explorer (CVE-2019-0676) discovered by Google that attackers already are using to target vulnerable systems. This flaw could allow malware or miscreants to check for the presence of specific files on the target’s hard drive.
Ano
Tenable
Proof-of-Concept Code Gives Standard Microsoft Exchange Users Domain Administrator Privileges (CVE-2019-0724, CVE-2019-0686)
blogs_tenable·2019-01-22·CVSS 7.4
CVE-2019-0724 [HIGH] Proof-of-Concept Code Gives Standard Microsoft Exchange Users Domain Administrator Privileges (CVE-2019-0724, CVE-2019-0686)
# Proof-of-Concept Code Gives Standard Microsoft Exchange Users Domain Administrator Privileges (CVE-2019-0724, CVE-2019-0686)
Paul Davis
January 22, 2019
Publicly released and newly named “PrivExchange” proof-of-concept (POC) privilege escalation code exploits protocol flaws and default configurations to give standard Exchange users Domain Administrator access.
### Background
Update February 12: Microsoft released updates for CVE-2019-0724 and CVE-2019-0686 to address this vulnerability.
Update February 6: Microsoft published a security advisory (ADV190007) that includes a Throttling Policy that will mitigate this vulnerability until a software update. Additionally, they noted that the vulnerability described in the blog post below
Published: 2019-03-05