Skip to main content

Microsoft Exchange Server Elevation of Privilege Vulnerabilities

Last Update Date: 16 Dec 2014 Release Date: 10 Dec 2014 4170 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers
  1. Outlook Web App Token Spoofing Vulnerability
    A token spoofing vulnerability exists in Exchange Server when Microsoft Outlook Web App (OWA) fails to properly validate a request token. An attacker who successfully exploited this vulnerability could then use the vulnerability to send email that appears to come from a user other than the attacker (e.g., from a trusted source). Customers who access their Exchange Server email via Outlook Web App are primarily at risk from this vulnerability. The update addresses the vulnerability by ensuring that Outlook Web App properly validates request tokens.

  2. Multiple OWA XSS Vulnerabilities
    Elevation of privilege vulnerabilities exist when Microsoft Exchange Server does not properly validate input. An attacker who successfully exploited these vulnerabilities could run script in the context of the current user. An attacker could, for example, read content that the attacker is not authorized to read, use the victim's identity to take actions on the Outlook Web App site on behalf of the victim, such as change permissions and delete content, and inject malicious content in the browser of the victim. Any system that is used to access an affected version of Outlook Web App would potentially be at risk to attack. The update addresses the vulnerabilities by ensuring that URLs are properly sanitized.

    For these vulnerabilities to be exploited, a user must click a specially crafted URL that takes the user to a targeted Outlook Web App site.

  3. Exchange URL Redirection Vulnerability
    A spoofing vulnerability exists in Microsoft Exchange when Microsoft Outlook Web App (OWA) fails to properly validate redirection tokens. An attacker who successfully exploited this vulnerability could redirect a user to an arbitrary domain from a link that appears to originate from the user’s domain. An attacker could use the vulnerability to send email that appears to come from a user other than the attacker. Customers who access their Exchange Server email via Outlook Web App are primarily at risk from this vulnerability. The update addresses the vulnerability by ensuring that URLs are properly sanitized.

 


Impact

  • Elevation of Privilege

System / Technologies affected

  • Microsoft Exchange Server 2007 Service Pack 3
  • Microsoft Exchange Server 2010 Service Pack 3
  • Microsoft Exchange Server 2013 Service Pack 1
  • Microsoft Exchange Server 2013 Cumulative Update 6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link