An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.
Weakness
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Exchange_server | Microsoft | 5.5 (including) | 5.5 (including) |
| Exchange_server | Microsoft | 5.5-sp1 (including) | 5.5-sp1 (including) |
| Exchange_server | Microsoft | 5.5-sp2 (including) | 5.5-sp2 (including) |
| Exchange_server | Microsoft | 5.5-sp3 (including) | 5.5-sp3 (including) |
| Exchange_server | Microsoft | 5.5-sp4 (including) | 5.5-sp4 (including) |
| Exchange_server | Microsoft | 2000 (including) | 2000 (including) |
| Exchange_server | Microsoft | 2000-sp1 (including) | 2000-sp1 (including) |
| Exchange_server | Microsoft | 2000-sp2 (including) | 2000-sp2 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/114.html
- https://cwe.mitre.org/data/definitions/115.html
- https://cwe.mitre.org/data/definitions/151.html
- https://cwe.mitre.org/data/definitions/194.html
- https://cwe.mitre.org/data/definitions/22.html
- https://cwe.mitre.org/data/definitions/57.html
- https://cwe.mitre.org/data/definitions/593.html
- https://cwe.mitre.org/data/definitions/633.html
- https://cwe.mitre.org/data/definitions/650.html
- https://cwe.mitre.org/data/definitions/94.html