SRC-2021-0013 : Microsoft Exchange Server DlpUtils AddTenantDlpPolicy ruleParameters TOCTOU Remote Code Execution Vulnerability (patch bypass)
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exchange Server. Authentication with the “Data Loss Prevention” role is required to exploit this vulnerability. The specific flaw exists within the processing of the...