CVE-2002-0507
Microsoft Exchange Server - Authentication Bypass via Repeated OWA Requests
Title source: llmDescription
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.
References (3)
Core 3
Core References
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8681.php
Third Party Advisory, VDB Entry, Vendor Advisory mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/264705
Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4390
Scores
EPSS
0.0222
EPSS Percentile
80.4%
Details
CWE
CWE-287
Status
published
Products (3)
microsoft/exchange_server
5.5 (5 CPE variants)
microsoft/exchange_server
2000 (3 CPE variants)
rsa/securid
5.0
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026