{"containers": {"cna": {"affected": [{"product": "Microsoft Exchange Server 2010", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Service Pack 3 Update Rollup 26"}]}, {"product": "Microsoft Exchange Server 2013", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Cumulative Update 22"}]}, {"product": "Microsoft Exchange Server 2016", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Cumulative Update 12"}]}, {"product": "Microsoft Exchange Server 2019", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "Cumulative Update 1"}]}], "datePublic": "2019-03-05T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724."}], "problemTypes": [{"descriptions": [{"description": "Elevation of Privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-03-06T10:57:01.000Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686"}, {"name": "106937", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/106937"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2019-0686", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Microsoft Exchange Server 2010", "version": {"version_data": [{"version_value": "Service Pack 3 Update Rollup 26"}]}}, {"product_name": "Microsoft Exchange Server 2013", "version": {"version_data": [{"version_value": "Cumulative Update 22"}]}}, {"product_name": "Microsoft Exchange Server 2016", "version": {"version_data": [{"version_value": "Cumulative Update 12"}]}}, {"product_name": "Microsoft Exchange Server 2019", "version": {"version_data": [{"version_value": "Cumulative Update 1"}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Elevation of Privilege"}]}]}, "references": {"reference_data": [{"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686"}, {"name": "106937", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106937"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:51:27.156Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686"}, {"name": "106937", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/106937"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-0686", "datePublished": "2019-03-06T00:00:00.000Z", "dateReserved": "2018-11-26T00:00:00.000Z", "dateUpdated": "2024-08-04T17:51:27.156Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:exchange_server:2010:sp3_rollup26:*:*:*:*:*:*", "matchCriteriaId": "C509CA9F-1716-4074-BA28-D95048B80AB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_22:*:*:*:*:*:*", "matchCriteriaId": "751FD35F-2ECD-4B75-9589-988CC6AD3058", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*", "matchCriteriaId": "CCF101BE-27FD-4E2D-A694-C606BD3D1ED7", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*", "matchCriteriaId": "051DE6C4-7456-4C42-BC51-253208AADB4E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0724."}, {"lang": "es", "value": "Existe una vulnerabilidad de elevaci\u00f3n de privilegios en Microsoft Exchange Server. Esto tambi\u00e9n se conoce como \"Microsoft Exchange Server Elevation of Privilege Vulnerability\". El ID de este CVE es diferente de CVE-2019-0724."}], "id": "CVE-2019-0686", "lastModified": "2024-11-21T04:17:06.540", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-05T23:29:02.647", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106937"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/106937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}