VULHUB ™

A flaw exists in a component of OWA on Microsoft Exchange 5.5, which could enable an unauthenticated user to gain read access to the entire Global Address List. This issue enables the user to perform a Find User request directly to the flawed component of OWA, circumventing authentication to the Exchange server.

A flaw exists in a component of OWA on Microsoft Exchange 5.5, which could enable an unauthenticated user to gain read access to the entire Global Address List. This issue enables the user to perform a Find User request directly to the flawed component of OWA, circumventing authentication to the Exchange server.