CVE-2018-8159

Summary

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server2013 Cumulative Update 19affected
MicrosoftMicrosoft Exchange Server2013 Cumulative Update 20affected
MicrosoftMicrosoft Exchange Server2016 Cumulative Update 8affected
MicrosoftMicrosoft Exchange Server2016 Cumulative Update 9affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References