CVE-2018-8581

CVE Database · CVE-2018-8581

CVE-2018-8581

· HIGHAnalyzed

CVSS v3.1

7.4

EPSS

27.56%

Published

Nov 13, 2018

Modified

Oct 28, 2025

CISA Known Exploited Vulnerability

Added: 2022-03-03 · Due: 2022-03-17

Apply updates per vendor instructions.

Public PoC / Exploit (4)

All weaponized →

TrickestTrickest PoC index GitHub PoCRidter/Exchange2domain★370 GitHub PoCWyAtu/CVE-2018-8581★331 GitHub PoCqiantu88/CVE-2018-8581★5

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products (4)

microsoft · exchange_servervulnerable

References (7)

http://www.securityfocus.com/bid/105837

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042141

Broken LinkThird Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581

PatchVendor Advisory

http://www.securityfocus.com/bid/105837

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042141

Broken Link

KEV Catalog EPSS Scores Vendors All CVEs