MS.OWA.POST.CSRF
Description
This indicates a possible exploit of a cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access.
This vulnerability is due to the vulnerable software's insufficient validation of HTTP requests. A remote attacker may exploit this to gain unauthorized access to the victim's accounts.
Affected Products
Microsoft Exchange Server 2003 Service Pack 2
Microsoft Exchange Server 2007 Service Pack 1
Microsoft Exchange Server 2007 Service Pack 2
Impact
Privilege escalation
Recommended Actions
Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/advisory/2401593.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |