Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
| Vendor | Product | Versions |
|---|---|---|
| microsoft | microsoft exchange online | - |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| microsoft | exchange | cert_advisory | 90% |
Updated severity to CRITICAL, noted no exploit available, and added 'managed service' tag.
Initial creation