This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability

I'm a little disappointed that this is not covered by the IPS, at least it's not in the rules list. Maybe this can't be handled by snort, I don't know.

Some information:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581

and some in german:
https://www.frankysweb.de/active-directory-und-exchange-server-ueber-ews-api-angreifbar/

Please be aware of this.

Best regards

Alex

P.S. The rules are here: https://lists.astaro.com/ASGV9-IPS-rules.html#221

This thread was automatically locked due to age.

Parents

BAlfson over 5 years ago

Thanks, Alex. It does look like Snort would have to block desired traffic to address this and that the fix has to be in the registry of the Exchange server.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

BAlfson over 5 years ago

Thanks, Alex. It does look like Snort would have to block desired traffic to address this and that the fix has to be in the registry of the Exchange server.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data