### [CVE-2017-11932](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11932)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Microsoft%20Exchange%20Server%202016%20CU5%20and%20Microsoft%20Exchange%20Server%202016%20CU5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Spoofing&color=brightgreen)

### Description

Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability".

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/shelly-cn/ExchangeCVESearch