Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER Microsoft Windows Exchange Server remote privilege escalation attempt

Rule Explanation

This event is generated when an attempt to exploit an escalation of privileges in Exchange server, is detected Impact: High Details: Ease of Attack:

What To Look For

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic:

Technique:

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

CVE

Additional Links

CVE Additional Information

CVE-2020-0692
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
Details
SeverityMEDIUM Base Score6.8
Impact Score6.4 Exploit Score8.6
Confidentiality ImpactPARTIAL Integrity ImpactPARTIAL
Availability ImpactPARTIAL Access VectorNETWORK
AuthenticationNONE Ease of AccessMEDIUM