PT-2020-1675 · Microsoft · Exchange Server

Published

2020-02-11

Updated

2021-07-21

CVE-2020-0692

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server (affected versions not specified)

Description The issue is related to an elevation of privilege vulnerability in Microsoft Exchange Server. This vulnerability could allow a remote attacker to gain elevated privileges, potentially giving them the same rights as other users of the Exchange server. As a result, the attacker could perform activities such as accessing the mailboxes of other users. The vulnerability is associated with errors in handling objects in memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2020-00908

CVE-2020-0692

Affected Products

Exchange Server

PT-2020-1675 · Microsoft · Exchange Server

CVE-2020-0692

Weakness Enumeration

Related Identifiers

Affected Products

References · 5