Spoofing attack in Microsoft Exchange OWA

Published: 2017-12-12 20:16:15
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2017-11932
CVSSv3 5.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CWE ID CWE-451
Exploitation vector Network
Public exploit Not available
Vulnerable software Microsoft Exchange Server
Vulnerable software versions Microsoft Exchange Server 2016 Cumulative Update 6
Microsoft Exchange Server 2016 Cumulative Update 7
Vendor URL Microsoft

Security Advisory

1) Spoofing attack

Description

The vulnerability allows a remote attacker to perform a spoofing attack.

The vulnerability exists due to an error in Outlook Web Access (OWA) in Microsoft Exchange Server when parsing HTTP requests. A remote attacker can perform script or content injection attacks and attempt to trick the user into disclosing sensitive information.

Additionally, Microsoft has released an update for Microsoft Exchange that provides enhanced security as a defense-in-depth measure.

Remediation

Install updates from the vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11932
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170023