id: microsoft-exchange-server-detect info: name: Microsoft Exchange Server Detect author: pikpikcu severity: info reference: https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange.nse description: | Check for Exchange Server CVEs CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065,using Outlook Web App path data. requests: - method: GET path: - "{{BaseURL}}/owa/auth/logon.aspx" matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "(X-Owa-Version:|/owa/auth/15.2.*|/owa/auth/15.1.*|/owa/auth/15.0.*|/owa/auth/14.0.*)" part: all extractors: - type: kval part: header kval: - X-Owa-Version