CVE-2018-8448

Published Oct 10, 2018

Last updated 5 years ago

Overview

Description
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Source
secure@microsoft.com
NVD status
Analyzed

Risk scores

CVSS 3.0

Type
Primary
Base score
5.4
Impact score
2.5
Exploitability score
2.8
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity
MEDIUM

CVSS 2.0

Type
Primary
Base score
5.8
Impact score
4.9
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov
CWE-79

Social media

Hype score
Not currently trending

Configurations