BID:106725

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

Info

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

Bugtraq ID:	106725
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Jan 21 2019 12:00AM
Updated:	Jun 05 2019 10:00AM
Credit:	Dirk-jan Mollema
Vulnerable:	Microsoft Exchange Server 2019 Cumulative Update 1 Microsoft Exchange Server 2019 0 Microsoft Exchange Server 2016 Cumulative Update 12 Microsoft Exchange Server 2016 0 Microsoft Exchange Server 2013 Cumulative Update 22 Microsoft Exchange Server 2013 0 Microsoft Exchange Server 2010 SP3 Update Rollup 26

Not Vulnerable:

Discussion

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

Microsoft Exchange Server is prone to a remote privilege-escalation vulnerability.

Attackers can exploit this issue to gain elevated privileges.

Exploit / POC

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Solution / Fix

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

References

Microsoft Exchange Server Remote Privilege Escalation Vulnerability

References:

Abusing Exchange: One API call away from Domain Admin (Dirk-jan Mollema)
Exchange Server Home Page (Microsoft)
Microsoft Homepage (Microsoft)
PrivExchange (PrivExchange)
ADV190007 | Guidance for "PrivExchange" Elevation of Privilege Vulnerability (Microsoft)
VU#465632: Microsoft Exchange 2013 and newer are vulnerable to NTLM relay attack (CERT)