projectdiscovery · DhiyaneshGeek · May 13, 2024 · May 11, 2024
diff --git a/http/misconfiguration/microsoft/ms-exchange-local-domain.yaml b/http/misconfiguration/microsoft/ms-exchange-local-domain.yaml
@@ -1,45 +1,45 @@
-id: ms-exchange-local-domain
-
-info:
-  name: Microsoft Exchange Autodiscover - Local Domain Exposure
-  author: userdehghani
-  severity: low
-  description: |
-    Microsoft Exchange is prone to a local domain exposure using the Autodiscover v2 endpoint.
-  impact: |
-    An attacker can leverage this information for reconnaissance and targeted attacks.
-  remediation: |
-    Restrict access to the Autodiscover service or configure it to not expose local domain information.
-  reference:
-    - https://support.microsoft.com/en-gb/topic/autodiscover-v2-returns-internalurl-not-externalurls-in-other-site-774301e2-2d1e-d5e0-aa41-a49f6e9b06f4
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cwe-id: CWE-200
-  metadata:
-    verified: true
-    max-request: 1
-    shodan-query: http.title:outlook exchange
-  tags: misconfig, microsoft,ms-exchange,ad,dc
-
-http:
-  - method: GET
-    path:
-      - "{{BaseURL}}/autodiscover/autodiscover.json?Protocol=ActiveSync&Email=user@domain.tld&RedirectCount=1"
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: header
-        regex:
-          - "(?i)(X-Calculatedbetarget:)"
-
-      - type: status
-        status:
-          - 200
-          - 302
-
-    extractors:
-      - type: kval
-        kval:
-          - x_calculatedbetarget
-# digest: 490a0046304402205f025e53bc125c91f858165a0912ddc8edd46b6b2370f2ef02cad79aa821edb002200f38bd6dc2bf6d5add1b15173de97999b01080b7297cc21eeee3206f3aed7a2d:922c64590222798bb761d5b6d8e72950
+id: ms-exchange-local-domain
+
+info:
+  name: Microsoft Exchange Autodiscover - Local Domain Exposure
+  author: userdehghani
+  severity: info
+  description: |
+    Microsoft Exchange is prone to a local domain exposure using the Autodiscover v2 endpoint.
+  impact: |
+    An attacker can leverage this information for reconnaissance and targeted attacks.
+  remediation: |
+    Restrict access to the Autodiscover service or configure it to not expose local domain information.
+  reference:
+    - https://support.microsoft.com/en-gb/topic/autodiscover-v2-returns-internalurl-not-externalurls-in-other-site-774301e2-2d1e-d5e0-aa41-a49f6e9b06f4
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: http.title:outlook exchange
+  tags: misconfig, microsoft,ms-exchange,ad,dc
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/autodiscover/autodiscover.json?Protocol=ActiveSync&Email=user@domain.tld&RedirectCount=1"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - "(?i)(X-Calculatedbetarget:)"
+
+      - type: status
+        status:
+          - 200
+          - 302
+
+    extractors:
+      - type: kval
+        kval:
+          - x_calculatedbetarget
+# digest: 490a0046304402205f025e53bc125c91f858165a0912ddc8edd46b6b2370f2ef02cad79aa821edb002200f38bd6dc2bf6d5add1b15173de97999b01080b7297cc21eeee3206f3aed7a2d:922c64590222798bb761d5b6d8e72950