MS.OWA.POST.CSRF

description-logoDescription

This indicates a possible exploit of a cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access.
This vulnerability is due to the vulnerable software's insufficient validation of HTTP requests. A remote attacker may exploit this to gain unauthorized access to the victim's accounts.

affected-products-logoAffected Products

Microsoft Exchange Server 2003 Service Pack 2
Microsoft Exchange Server 2007 Service Pack 1
Microsoft Exchange Server 2007 Service Pack 2

Impact logoImpact

Privilege escalation

recomended-action-logoRecommended Actions

Refer to the vendor's web site for the suggested workaround:
http://www.microsoft.com/technet/security/advisory/2401593.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995