
OWASSRF Vulnerability Exploitation

Palo Alto Networks Unit 42 has identified a new exploit method for Microsoft Exchange Server, named OWASSRF, that allows attackers to gain access to the Exchange server via server-side request forgery (SSRF).

This vulnerability is a variation of a method that has been used in the past to attack Microsoft Internet Information Services (IIS) without authentication. The attackers have repurposed this exploit and are now using it against Exchange Server.

Although Microsoft has released a security bulletin related to this vulnerability, there are no known exploits in the wild at the time of writing.

This exploit has no known effect on any versions of Exchange Server other than Exchange 2000 Server Service Pack 3 (SP3) or later. However, we expect that it will work against future versions of Microsoft Exchange Server if the security patch for CVE-2017-8620 is not installed.

Source: Threat Brief: OWASSRF Vulnerability Exploitation - AlienVault - Open Threat Exchange
