Microsoft Exchange Server Elevation of Privilege Vulnerabilities
Last Update Date: 16 Dec 2014
Release Date: 10 Dec 2014
RISK: Medium Risk
TYPE: Servers - Other Servers
- Outlook Web App Token Spoofing Vulnerability
A token spoofing vulnerability exists in Exchange Server when Microsoft Outlook Web App (OWA) fails to properly validate a request token. An attacker who successfully exploited this vulnerability could then use the vulnerability to send email that appears to come from a user other than the attacker (e.g., from a trusted source). Customers who access their Exchange Server email via Outlook Web App are primarily at risk from this vulnerability. The update addresses the vulnerability by ensuring that Outlook Web App properly validates request tokens.
- Multiple OWA XSS Vulnerabilities
Elevation of privilege vulnerabilities exist when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited these vulnerabilities could run script in the context of the current user. An attacker could, for example, read content that the attacker is not authorized to read, use the victim's identity to take actions on the Outlook Web App site on behalf of the victim, such as changing permissions and deleting content, and inject malicious content into the victim's browser. Any system that is used to access an affected version of Outlook Web App would potentially be at risk of attack. The update addresses the vulnerabilities by ensuring that URLs are properly sanitized.
For these vulnerabilities to be exploited, a user must click a specially crafted URL that takes the user to a targeted Outlook Web App site.
- Exchange URL Redirection Vulnerability
A spoofing vulnerability exists in Microsoft Exchange when Microsoft Outlook Web App (OWA) fails to properly validate redirection tokens. An attacker who successfully exploited this vulnerability could redirect a user to an arbitrary domain from a link that appears to originate from the user’s domain. An attacker could use the vulnerability to send email that appears to come from a user other than the attacker. Customers who access their Exchange Server email via Outlook Web App are primarily at risk from this vulnerability. The update addresses the vulnerability by ensuring that URLs are properly sanitized.
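The redirection issue above is the classic open-redirect failure: a redirect parameter is honoured without checking that its target stays on the site. The following is an added example of the kind of target check a web application should apply before redirecting; it is not Exchange or OWA code, and the host name `mail.example.com` is a constructed placeholder.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed placeholder for the host the web mail site is served from.
OWA_HOST = "mail.example.com"


def safe_redirect_target(target: str, site_host: str = OWA_HOST) -> str:
    """Return a redirect URL that stays on site_host, or "/" if the target is unsafe.

    Accepts: same-host absolute https URLs and single-slash relative paths.
    Rejects: other hosts (including look-alike subdomains), scheme-relative
    "//host" targets, backslash variants, userinfo tricks such as
    "https://site_host@other.host", and non-https schemes.
    """
    if not target:
        return "/"
    # Browsers treat a backslash like a forward slash in http(s) URLs, so
    # normalise before parsing to keep "\\other.host" from slipping past.
    normalised = target.replace("\\", "/")
    try:
        parts = urlsplit(normalised)
    except ValueError:
        # Malformed input (e.g. bad IPv6 brackets): fall back to the site root.
        return "/"
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: require exactly one leading slash ("//" is host-relative).
        if normalised.startswith("/") and not normalised.startswith("//"):
            return urlunsplit(("", "", parts.path, parts.query, parts.fragment))
        return "/"
    if parts.scheme != "https":
        return "/"
    if parts.username is not None or parts.password is not None:
        return "/"
    if (parts.hostname or "").lower() != site_host.lower():
        return "/"
    # Rebuild the URL from the trusted host rather than echoing the input.
    return urlunsplit(("https", site_host, parts.path or "/", parts.query, parts.fragment))
```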
Impact
- Elevation of Privilege
System / Technologies affected
- Microsoft Exchange Server 2007 Service Pack 3
- Microsoft Exchange Server 2010 Service Pack 3
- Microsoft Exchange Server 2013 Service Pack 1
- Microsoft Exchange Server 2013 Cumulative Update 6
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/ms14-075