What is CVE-2018-8154?

CVE-2018-8154 is a vulnerability in Microsoft Exchange Server. Published 2018-05-09.

Is CVE-2018-8154 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Exchange Server

CVE-2018-8154

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. Thi…

EPSS: 0.282 (96.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Exchange Server — versions 2010 Service Pack 3 Update Rollup 21, 2013 Cumulative Update 19, 2013 Cumulative Update 20

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

104054 (vdb-entry, x_refsource_BID)
1040850 (vdb-entry, x_refsource_SECTRACK)
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8154 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2018-8154?: CVE-2018-8154 is a vulnerability in Microsoft Exchange Server. Published 2018-05-09.
Is CVE-2018-8154 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.