{"vulnerability": "CVE-2020-17143", "sightings": [{"uuid": "a436a3da-ef22-49a9-9fcf-17d360213724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17143", "type": "published-proof-of-concept", "source": "https://t.me/cKure/3251", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 PoC exploits for CVE-2020-17143 and CVE-2020-17141 the XXE bugs against Exchange Server.\n\n- Low privileged authentication only\n- CVE-2020-17141 is in the EWS API.\n\nhttps://srcincite.io/pocs/cve-2020-17143.py.txt\nhttps://srcincite.io/pocs/cve-2020-17141.py.txt", "creation_timestamp": "2020-12-14T18:55:54.000000Z"}, {"uuid": "ee36ca4f-d8e4-45c8-8e6e-c81b83c73c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17143", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/2871", "content": "PoC exploits for CVE-2020-17143 and CVE-2020-17141 which demonstrate the XXE bugs against Exchange Server.\n\n- Low privileged authentication only\n- CVE-2020-17141 is interesting because its in the EWS API\n\nhttps://srcincite.io/pocs/cve-2020-17143.py.txt\nhttps://srcincite.io/pocs/cve-2020-17141.py.txt", "creation_timestamp": "2020-12-14T21:30:35.000000Z"}, {"uuid": "c0f3ebd2-a87a-445c-a5c9-0dcd8be466d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17143", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/2272", "content": "#exploit\nCVE-2020-17144:\nExchange 2010 Authorized RCE\nhttps://github.com/Airboi/CVE-2020-17144-EXP\n]-> PoC exploits for CVE-2020-17143, CVE-2020-17141 which demonstrate the XXE bugs against Exchange Server (the Low privileged authentication only - the CVE-2020-17141 is interesting Because the ITS in the API the EWS):\nhttps://srcincite.io/pocs/cve-2020-17143.py.txt\nhttps://srcincite.io/pocs/cve-2020-17141.py.txt", "creation_timestamp": "2024-10-09T20:14:59.000000Z"}]}