Описание
Microsoft Live Accounts Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Outlook Web Access (OWA) regarding a possible unsigned token. An attacker who successfully exploited this vulnerability could have access to another person's email inbox.
To exploit this vulnerability, an attacker would first have to replace an unsigned token with a different one.
This vulnerability has been mitigated for all users' Microsoft Live accounts.
FAQ
Does my network administrator need to do anything to protect me from this attack?
No, Microsoft has mitigated the attack vector to protect online mailboxes from this vulnerability. No further action is required.
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
DOS
N/A