Описание
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Ссылки
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Permissions Required
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Permissions Required
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:exchange_server:2003:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.74707
Высокий
5.8 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
github
почти 4 года назад
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
EPSS
Процентиль: 99%
0.74707
Высокий
5.8 Medium
CVSS2
Дефекты
CWE-601