{"id":87391,"date":"2021-09-06T09:56:15","date_gmt":"2021-09-06T09:56:15","guid":{"rendered":"https:\/\/www.stellarinfo.com\/blog\/?p=87391"},"modified":"2023-07-20T06:47:48","modified_gmt":"2023-07-20T06:47:48","slug":"microsoft-exchange-proxytoken-flaw","status":"publish","type":"post","link":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/","title":{"rendered":"New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes"},"content":{"rendered":"<?xml encoding=\"utf-8\" ?><?xml encoding=\"utf-8\" ?><p>ProxyToken is the latest &lsquo;proxy&rsquo; (authentication bypass) vulnerability that has emerged, after <a href=\"https:\/\/www.stellarinfo.com\/blog\/recover-microsoft-exchange-server-after-hafnium-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">ProxyLogon<\/a>, <a href=\"https:\/\/www.stellarinfo.com\/blog\/patch-proxyshell-vulnerabilities-on-microsoft-exchange-servers\/\" target=\"_blank\" rel=\"noreferrer noopener\">ProxyShell<\/a>, and ProxyOracle, this year. The threat actors are actively exploiting such vulnerabilities to compromise unpatched Exchange Servers, deploy web shells, and install file-encrypting ransomware, such as <a href=\"https:\/\/www.stellarinfo.com\/blog\/lockfile-ransomware-encrypting-microsoft-exchange-servers\/\" target=\"_blank\" rel=\"noreferrer noopener\">LockFile<\/a>, <a href=\"https:\/\/www.stellarinfo.com\/blog\/recover-exchange-server-after-black-kingdom-ransomware-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">Black KingDom<\/a>, etc.<\/p><p>The ProxyToken vulnerability allows the attackers to modify and reconfigure the mailboxes of arbitrary users. However, Microsoft released the cumulative updates to patch the vulnerability as a part of its July 2021 Patch Tuesday Updates.<\/p><p>The security flaw was reported via Zero-day Initiative (ZDI) by researcher Le Xuan Tuyen at the Information Security Center of Vietnam Posts and Telecommunications Group (VNPT-ISC) in March 2021.<\/p><h2 class=\"wp-block-heading\" id=\"what-is-proxytoken-vulnerability?\">What Is ProxyToken Vulnerability?<\/h2><p>The vulnerability is identified and listed as,<\/p><ul class=\"wp-block-list\"><li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-33766\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2021-33766<\/a>: Microsoft Exchange Information Disclosure Vulnerability with a CVSS score of 7.3 that places it into the high severity group.<\/li><\/ul><p>The ProxyToken vulnerability allows attackers to perform remote code execution in certain conditions. It allows them to reconfigure mailboxes in such a way that all the emails sent to a particular user&rsquo;s mailbox are forwarded to another account. The vulnerability affects Microsoft on-premises Exchange Server 2013, 2016, and 2019.<\/p><h2 class=\"wp-block-heading\" id=\"how-attackers-are-exploiting-the-&lsquo;proxytoken&rsquo;-vulnerability?\">How Attackers are Exploiting the &lsquo;ProxyToken&rsquo; Vulnerability?<\/h2><p>MS Exchange installation creates several Internet Information Service (IIS) virtual directories, including the two sites, one for the OWA access (frontend) and another for the ECP access (backend). The frontend works as a proxy to the backend but requires authentication to serve pages, such as \/owa\/auth\/logon.aspx.<\/p><p>The frontend role is to repackage the requests and proxy them to the endpoints on the Exchange backend. After this, it collects the response from the backend and forwards it to the client. However, Exchange also supports the &lsquo;Delegated Authentication&rsquo; feature and that&rsquo;s precisely where the issue arises.<\/p><p>When the user authenticates, the frontend passes authentication requests to the backend using a SecurityToken cookie to identify them. However, if the frontend finds a non-empty SecurityToken cookie, it delegates authentication to the backend. By default, the DelegatedAuthModule isn&rsquo;t configured to use the special delegated Authentication feature. The result is that the requests can go through to either the frontend or backend without authentication.<\/p><p>From there, the threat actors can configure the mailboxes and install a forwarding rule to receive and read victims&rsquo; emails. The threat actors can also configure the mailboxes of arbitrary users.<\/p><h2 class=\"wp-block-heading\" id=\"how-to-protect-your-exchange-server?\">How to Protect your Exchange Server?<\/h2><p>If you have updated your Exchange Servers with the latest Cumulative updates, no action is required. However, tens of thousands of Exchange Servers are still unpatched and vulnerable to malicious attacks.<\/p><p>If your server is still not updated, follow these steps to patch ProxyToken, ProxyLogon, ProxyOracle, and ProxyShell vulnerabilities on your Exchange Server and protect your organization against malicious attacks.<\/p><h3 class=\"wp-block-heading\">Step 1: Execute Exchange Server Health Checker Script<\/h3><p>Download the <a href=\"https:\/\/github.com\/dpaulson45\/HealthChecker#download\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">HealthChecker.ps1<\/a> (Exchange Server Health Checker) PowerShell script from GitHub and then follow these steps:<\/p><ul class=\"wp-block-list\" type=\"1\"><li>Open EMS and navigate to the folder where <strong>HealthChecker.ps1 <\/strong>script is located.<\/li><li>Run the following command:<\/li><\/ul><p>.\\HealthChecker.ps1<\/p><figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"961\" height=\"336\" src=\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/healthchecker-script-1.png\" alt=\"healthchecker script\" class=\"wp-image-87392 apply-gradient-on-post-images\" srcset=\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/healthchecker-script-1.png 961w, https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/healthchecker-script-1-300x105.png 300w, https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/healthchecker-script-1-768x269.png 768w\" sizes=\"auto, (max-width: 961px) 100vw, 961px\" \/><\/figure><ul class=\"wp-block-list\"><li>You may also use the <strong>-server<\/strong> parameter to run the script for a specific server. For example,<\/li><\/ul><p>.\\HealthChecker.ps1 -Server Exch01<\/p><ul class=\"wp-block-list\"><li>In case of an error during the execution of the above commands, run the following command in EMS to bypass the execution policy (temporarily).<\/li><\/ul><p>Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass<\/p><p>The script output will display the vulnerabilities that you need to patch by installing the Microsoft Exchange cumulative and security updates.<\/p><h3 class=\"wp-block-heading\">Step 2: Run EOMT<\/h3><p>EOMT is Microsoft&rsquo;s Exchange On-Premises Mitigation tool to mitigate the risks and remove threats and web shells from the compromised server. The steps to run EOMT tool are as follows:<\/p><ul class=\"wp-block-list\"><li>Download the <a href=\"https:\/\/github.com\/microsoft\/CSS-Exchange\/tree\/main\/Security\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">EOMT.ps1<\/a> PowerShell script.<\/li><li>Open EMS and navigate to the location where EOMT.ps1 is located.<\/li><li>Then execute the following command:<\/li><\/ul><p>.\\EOMT.ps1<\/p><ul class=\"wp-block-list\"><li>The tool runs Microsoft Safety Scanner (MSERT) in Quick Scan mode. It finds and removes threats and web shells installed by the attacker.<\/li><\/ul><h3 class=\"wp-block-heading\">Step 3: Install Exchange Server Updates<\/h3><p>Finally, download and install the Exchange Server cumulative and security updates to patch the ProxyToken, ProxyShell, ProxyOracle, and other vulnerabilities and protect your servers from threats. Refer to our blog on&nbsp;<a href=\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-remote-code-execution-vulnerability-flaws-and-fixes\/\">Microsoft Exchange Remote Code Execution Vulnerability Flaws and their Fixes<\/a> to know more about the vulnerabilities and install Exchange Server security updates.<\/p><h2 class=\"wp-block-heading\" id=\"conclusion\">Conclusion<\/h2><p>ProxyToken is a new RCE vulnerability found in Microsoft Exchange Server 2013, 2016, and 2019. Although Microsoft released the cumulative updates to patch ProxyToken vulnerability in July 2021, thousands of Microsoft Exchange servers are still unpatched and vulnerable to malicious attacks. Therefore, the best defense against malicious attacks is to install the updates released by Microsoft to patch the Exchange Server. Also, maintain a regular VSS backup to prevent data loss if threat actors compromise your server. You may use an Exchange Recovery software, such as <a href=\"https:\/\/www.stellarinfo.com\/edb-exchange-server-recovery.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Stellar Repair for Exchange<\/a>, to recover mailboxes from a compromised Exchange Server database and save them to PST or export them directly to a new live Exchange Server or Office 365.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ProxyToken is the latest &lsquo;proxy&rsquo; (authentication bypass) vulnerability that has emerged, after&hellip; <a class=\"more-link\" href=\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\">Continue reading <span class=\"screen-reader-text\">New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes<\/span><\/a><\/p>\n","protected":false},"author":32,"featured_media":87417,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5298],"tags":[2219,2220],"class_list":["post-87391","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ransomware","tag-proxytoken","tag-proxytoken-flaw","entry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes<\/title>\n<meta name=\"description\" content=\"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes\" \/>\n<meta property=\"og:description\" content=\"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\" \/>\n<meta property=\"og:site_name\" content=\"Stellar Data Recovery Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/facebook.com\/raavisingh\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-06T09:56:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-20T06:47:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ravi Singh\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/ravi51ngh\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ravi Singh\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\"},\"author\":{\"name\":\"Ravi Singh\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11\"},\"headline\":\"New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes\",\"datePublished\":\"2021-09-06T09:56:15+00:00\",\"dateModified\":\"2023-07-20T06:47:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\"},\"wordCount\":827,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg\",\"keywords\":[\"ProxyToken\",\"ProxyToken flaw\"],\"articleSection\":[\"Ransomware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\",\"url\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\",\"name\":\"Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes\",\"isPartOf\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg\",\"datePublished\":\"2021-09-06T09:56:15+00:00\",\"dateModified\":\"2023-07-20T06:47:48+00:00\",\"author\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11\"},\"description\":\"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage\",\"url\":\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg\",\"contentUrl\":\"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg\",\"width\":1000,\"height\":600,\"caption\":\"New 'ProxyToken' Flaw Lets Attackers Reconfigure Exchange Mailboxes\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.stellarinfo.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#website\",\"url\":\"https:\/\/www.stellarinfo.com\/blog\/\",\"name\":\"Stellar Data Recovery Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.stellarinfo.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11\",\"name\":\"Ravi Singh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9e95cad83fe279b559794f62193f34300d01db8f9f2ec45ce529b7ecde3796ba?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9e95cad83fe279b559794f62193f34300d01db8f9f2ec45ce529b7ecde3796ba?s=96&d=mm&r=g\",\"caption\":\"Ravi Singh\"},\"description\":\"Ravi Singh is a Senior Writer at Stellar\u00ae. He is an expert Tech Explainer, IoT enthusiast, and a passionate nerd with over 7 years of experience in technical writing. He writes about Microsoft Exchange, Microsoft 365, Email Migration, Linux, Windows, Mac, DIY Tech, and Smart Home. Ravi spends most of his weekends working with IoT (DIY Smart Home) devices and playing Overwatch. He is also a solo traveler who loves hiking and exploring new trails.\",\"sameAs\":[\"https:\/\/stellarinfo.com\/blog\",\"https:\/\/facebook.com\/raavisingh\",\"https:\/\/instagram.com\/ravi.s1ngh\",\"https:\/\/linkedin.com\/in\/ravi-singh-5a65356a\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/ravi51ngh\",\"https:\/\/youtube.com\/ravisingh9\"],\"url\":\"https:\/\/www.stellarinfo.com\/blog\/author\/ravi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes","description":"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/","og_locale":"en_US","og_type":"article","og_title":"Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes","og_description":"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.","og_url":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/","og_site_name":"Stellar Data Recovery Blog","article_author":"https:\/\/facebook.com\/raavisingh","article_published_time":"2021-09-06T09:56:15+00:00","article_modified_time":"2023-07-20T06:47:48+00:00","og_image":[{"width":1000,"height":600,"url":"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg","type":"image\/jpeg"}],"author":"Ravi Singh","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/ravi51ngh","twitter_misc":{"Written by":"Ravi Singh","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#article","isPartOf":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/"},"author":{"name":"Ravi Singh","@id":"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11"},"headline":"New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes","datePublished":"2021-09-06T09:56:15+00:00","dateModified":"2023-07-20T06:47:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/"},"wordCount":827,"commentCount":0,"image":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg","keywords":["ProxyToken","ProxyToken flaw"],"articleSection":["Ransomware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/","url":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/","name":"Exchange ProxyToken Flaw Can allow Attackers to Reconfigure Mailboxes","isPartOf":{"@id":"https:\/\/www.stellarinfo.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage"},"image":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg","datePublished":"2021-09-06T09:56:15+00:00","dateModified":"2023-07-20T06:47:48+00:00","author":{"@id":"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11"},"description":"A complete guide for Microsoft Exchange ProxyToken flaw in detail and mentioned the steps to patch the vulnerability and safeguard the Exchange Server from malicious attacks.","breadcrumb":{"@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#primaryimage","url":"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg","contentUrl":"https:\/\/www.stellarinfo.com\/blog\/wp-content\/uploads\/2021\/09\/New-Microsoft-Exchange-ProxyToken-Flaw-Lets-Attackers-Reconfigure-Mailboxes.jpg","width":1000,"height":600,"caption":"New 'ProxyToken' Flaw Lets Attackers Reconfigure Exchange Mailboxes"},{"@type":"BreadcrumbList","@id":"https:\/\/www.stellarinfo.com\/blog\/microsoft-exchange-proxytoken-flaw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.stellarinfo.com\/blog\/"},{"@type":"ListItem","position":2,"name":"New &#8216;ProxyToken&#8217; Flaw Lets Attackers Reconfigure Exchange Mailboxes"}]},{"@type":"WebSite","@id":"https:\/\/www.stellarinfo.com\/blog\/#website","url":"https:\/\/www.stellarinfo.com\/blog\/","name":"Stellar Data Recovery Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.stellarinfo.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/7dea10d15c0307370e21d7da07d0cd11","name":"Ravi Singh","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stellarinfo.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9e95cad83fe279b559794f62193f34300d01db8f9f2ec45ce529b7ecde3796ba?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9e95cad83fe279b559794f62193f34300d01db8f9f2ec45ce529b7ecde3796ba?s=96&d=mm&r=g","caption":"Ravi Singh"},"description":"Ravi Singh is a Senior Writer at Stellar\u00ae. He is an expert Tech Explainer, IoT enthusiast, and a passionate nerd with over 7 years of experience in technical writing. He writes about Microsoft Exchange, Microsoft 365, Email Migration, Linux, Windows, Mac, DIY Tech, and Smart Home. Ravi spends most of his weekends working with IoT (DIY Smart Home) devices and playing Overwatch. He is also a solo traveler who loves hiking and exploring new trails.","sameAs":["https:\/\/stellarinfo.com\/blog","https:\/\/facebook.com\/raavisingh","https:\/\/instagram.com\/ravi.s1ngh","https:\/\/linkedin.com\/in\/ravi-singh-5a65356a\/","https:\/\/x.com\/https:\/\/twitter.com\/ravi51ngh","https:\/\/youtube.com\/ravisingh9"],"url":"https:\/\/www.stellarinfo.com\/blog\/author\/ravi\/"}]}},"_links":{"self":[{"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/posts\/87391","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/comments?post=87391"}],"version-history":[{"count":11,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/posts\/87391\/revisions"}],"predecessor-version":[{"id":87431,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/posts\/87391\/revisions\/87431"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/media\/87417"}],"wp:attachment":[{"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/media?parent=87391"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/categories?post=87391"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stellarinfo.com\/blog\/wp-json\/wp\/v2\/tags?post=87391"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}