Rewterz Threat Advisory – CVE-2022-2294 – Google Chrome Zero-Day Vulnerability Exploited in the Wild
July 5, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
July 5, 2022Rewterz Threat Advisory – CVE-2022-2294 – Google Chrome Zero-Day Vulnerability Exploited in the Wild
July 5, 2022Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
July 5, 2022Severity
Medium
Analysis Summary
CVE-2022-2077
Microsoft Outlook 365 could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control by the Conditional Access Policy. By sending a specially crafted request, an attacker could exploit this vulnerability to allow simultaneous usage of the same authorized session cookies from different web browsers.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-2077
Affected Vendors
Microsoft
Affected Products
Microsoft Outlook 365
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.