Описание
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability."
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:exchange_server:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2010:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_6:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05143
Низкий
5 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
github
больше 3 лет назад
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App Token Spoofing Vulnerability."
EPSS
Процентиль: 90%
0.05143
Низкий
5 Medium
CVSS2
Дефекты
CWE-284