CVE-2021-26855 (SSRF) HAFNIUM APT Group Exploiting Microsoft Exchange Vulnerabilities
Recently, Microsoft has issued an out of band patch that aims to mitigate seven Remote Code Execution vulnerabilities in Microsoft Exchange. Microsoft Threat Intelligence Center (MSTIC) has observed ...
Published Mar 04, 2021
Version 1.0
Gal_Goldshtein
Employee
Employee
xaxe
Altostratus
AltostratusHi,
We're running Exchange (OWA) behind an F5 using the Exchange 2016 IAPP which presents the F5 forms based logon before even displaying the Exchange/OWA logon screen.
We are scrambling to patch the server, however are we protected by us being behind the IAPP/F5?