An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft exchange server 5.5 |
||
microsoft exchange server 2000 |
||
rsa securid 5.0 |