id: microsoft-exchange-server-detect

info:
  name: Microsoft Exchange Server Detect
  author: pikpikcu
  severity: info
  reference: https://github.com/GossiTheDog/scanning/blob/main/http-vuln-exchange.nse
  description: |
       Check for Exchange Server CVEs CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065,using Outlook Web App path data.

requests:
  - method: GET
    path:
      - "{{BaseURL}}/owa/auth/logon.aspx"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: regex
        regex:
          - "(X-Owa-Version:|/owa/auth/15.2.*|/owa/auth/15.1.*|/owa/auth/15.0.*|/owa/auth/14.0.*)"
        part: all

    extractors:
      - type: kval
        part: header
        kval:
          - X-Owa-Version