Threat Landscape Dashboard

Assessing today's threats and the relationships between them


A privilege escalation vulnerability has been discovered in Microsoft Exchange Server. The flaw lies in the notifications contract between EWS clients and Exchange Servers. Successful exploitation could allow an attacker to perform a man-in-the-middle attack. Microsoft Exchange Server 2010, 2013, 2016, and 2019 are affected.
Name Modified Date Sources
CVE-2019-0686 2019-02-19