CVE-2018-8581
Microsoft Exchange Server Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
27.4%
p98
KEV
YES
Mar 3, 2022
Exploit Today
79
0-100
Published: — · Last modified: —
27.4%EPSS · 30 days27.6%
2026-06-302026-07-16
Product
Microsoft / Exchange Server
Vulnerability
Microsoft Exchange Server Privilege Escalation Vulnerability
Added to KEV
Mar 3, 2022
Remediate by
Mar 17, 2022
Known ransomware use
Yes
Summary description
A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-8581
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-34473—100.0%
KEV—80Microsoft Exchange Server Remote Code Execution Vulnerability—CVE-2021-26855—100.0%
KEV—80Microsoft Exchange Server Remote Code Execution Vulnerability—CVE-2022-41082—100.0%
KEV—80Microsoft Exchange Server Remote Code Execution Vulnerability—CVE-2021-34523—100.0%
KEV—80Microsoft Exchange Server Privilege Escalation Vulnerability—CVE-2021-27065—100.0%
KEV—80Microsoft Exchange Server Remote Code Execution Vulnerability—CVE-2022-41040—100.0%
KEV—80Microsoft Exchange Server Server-Side Request Forgery Vulnerability—