Tag
#Security Vulnerability
**How could an attacker exploit the vulnerability?** A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target system. This vulnerability can be exploited through two different vectors: * **For the vulnerability to be exploited on the SMB Client**, an unauthenticated attacker would first need to configure a malicious SMBv3 server and convince a user to connect to it by enticing them to click a specially crafted link. * \*\*For the vulnerability to be exploited on the SMB Server \*\*, an authenticated attacker could send specially crafted packets from an SMB Client to a targeted SMBv3 Server.
**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** No special privileges are required to exploit this vulnerability. An attacker needs to have network connectivity to the replication appliance.
**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?** The word **Remote** in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** and **User Interaction** is **Required**, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer.
**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.
**Are there any more actions I need to take to be protected from this vulnerability?** Yes. Customers vulnerable to this issue would need to enable Extended Protection in order to prevent this attack. For more information, see Exchange Server Support for Windows Extended Protection **Is there more information available about this release of Exchange Server?** For more information on this issue, please see The Exchange Blog.
**Are there any more actions I need to take to be protected from this vulnerability?** Yes. Customers vulnerable to this issue would need to enable Extended Protection in order to prevent this attack. For more information, see Exchange Server Support for Windows Extended Protection **Is there more information available about this release of Exchange Server?** For more information on this issue, please see The Exchange Blog.
**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.
**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.
**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.
**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated user could trigger this vulnerability. It does not require admin or other elevated privileges.