Tag
#Microsoft Exchange Server
**According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?** Yes, the attacker must be authenticated.
**According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?** Yes, the attacker must be authenticated.
**According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?** An authenticated attacker could exploit this vulnerability LAN-side or potentially from the internet.
**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of NTLM hashes.
**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.
**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of NTLM hashes.
**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of NTLM hashes.
**According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?** Yes, the attacker must be authenticated.