{ "target": "Al Mayadeen Network", "exchange": { "serverFqdn": "BHS-EX09.ITTIHADTV.LOCAL", "internalAdDomain": "ITTIHADTV.LOCAL", "version": "Exchange 2016 CU23 (15.1.2507.59)", "aspNetVersion": "4.0.30319", "loginFormat": "ITTIHADTV\\username", "loginReasonCodes": "reason=0:none, reason=1:timeout, reason=2:invalidCredentials, reason=3:locked", "iisVersion": "8.5", "owaUrl": "https://autodiscover.almayadeen.net/owa/auth/logon.aspx", "ecpUrl": "https://autodiscover.almayadeen.net/ecp/", "ewsUrl": "https://autodiscover.almayadeen.net/ews/exchange.asmx", "mapiUrl": "https://autodiscover.almayadeen.net/mapi/", "rpcUrl": "https://autodiscover.almayadeen.net/rpc/", "healthcheck": "https://autodiscover.almayadeen.net/owa/healthcheck.htm", "healthcheckResponse": "200 OK
BHS-EX09.ITTIHADTV.LOCAL", "federationMetadata": "https://autodiscover.almayadeen.net/autodiscover/metadata/json/1", "federationRealm": "almayadeen.net", "authCertThumbprint": "B2BBL_9jBZevT87C3_XGGbydTjY", "authCertExpiry": "2027-01-03", "autodiscoverJson": "https://autodiscover.almayadeen.net/autodiscover/autodiscover.json", "primaryMailFqdn": "mail.almayadeen.net", "powershellEndpoint": "https://autodiscover.almayadeen.net/powershell", "activeSyncEndpoint": "https://autodiscover.almayadeen.net/Microsoft-Server-ActiveSync", "mrsProxyEndpoint": "https://autodiscover.almayadeen.net/ews/mrsproxy.svc", "oabEndpoint": "https://autodiscover.almayadeen.net/OAB/", "wsSecurityEnabled": true, "oauthEnabled": true, "activeSyncAuthType": "Basic (cleartext credentials)", "ntlmEnabled": true, "backendServers": { "BHS-EX01": "Backend mailbox (DAG member)", "BHS-EX02": "Backend mailbox (DAG member)", "BHS-EX03": "Backend mailbox (DAG member)", "BHS-EX04": "Backend mailbox (DAG member)", "BHS-EX05": "Backend mailbox (DAG member, federation OAuth on port 444)", "BHS-EX09": "Frontend CAS (internet-facing)" }, "missingServers": ["BHS-EX06", "BHS-EX07", "BHS-EX08"], "ssrfBackendLeak": "Autodiscover JSON path leaks X-BEServer, X-CalculatedBETarget, X-DiagInfo headers" }, "emailSecurity": { "dmarc": "v=DMARC1; p=none", "dmarcEnforcement": "NONE (spoofing possible)", "dkim": "NOT CONFIGURED", "spf": "v=spf1 a mx ip4:80.81.152.41 ip4:89.249.221.244 -all" }, "originIps": { "webOrigin1": "80.81.152.41", "webOrigin2": "89.249.221.244", "mailPrimary": "89.249.221.252", "mailSecondary": "80.81.152.37", "ftpServer": "89.249.221.245", "mxRelay": "194.126.9.230" }, "docker": { "portalApi": "94a743b785f9", "portalBetaApi": "57660472686f", "publicApi": "cd4b3868f98b", "portalStagingApi": "63d26ec15c1d", "publicApiStaging": "0314cab697ec", "publicApiBeta": "5b0c704d44be" }, "azureOpenAI": { "apiUrl": "https://mdn-open-ai.openai.azure.com", "deployment": "mdn-gpt-4", "apiVersion": "2024-05-01-preview" }, "mangoXCms": { "subscriptionCode": "mangopulse", "postTypeCode": "article", "loginEndpoint": "POST /api/auth/login", "developer": "M3almi KING Kassem" }, "loaderIo": "e26421201d5e0b60d1522ebe1a7c770f", "googleVerification": [ "9ccXUvjKiv9Reva0HD4QNVTFHO6SidPD7-Z7KRt3gqU", "PNUy--Lzy6bkRJcScDS9HvytsuwjhHETuiYIXUAMDPU", "QTUyXVxdcLNuugOu2W47Y2iST1MJpmNa8loe7p7FwIk" ], "cveAnalysis": { "currentBuild": "15.1.2507.59", "currentPatch": "Sep25HU (September 8, 2025)", "latestAvailable": "15.1.2507.66 (Feb26SU)", "patchesBehind": 3, "daysSinceLastPatch": 173, "os": "Windows Server 2012 R2 (END OF SUPPORT - Oct 2023)", "unpatchedCves": [ {"cve": "CVE-2025-59249", "type": "Elevation of Privilege", "cvss": 8.8, "severity": "HIGH"}, {"cve": "CVE-2025-53782", "type": "Elevation of Privilege", "cvss": 8.4, "severity": "HIGH"}, {"cve": "CVE-2025-59248", "type": "Spoofing", "cvss": null, "severity": "UNRATED"}, {"cve": "CVE-2025-64666", "type": "Elevation of Privilege", "cvss": null, "severity": "UNRATED"}, {"cve": "CVE-2025-64667", "type": "Spoofing", "cvss": null, "severity": "UNRATED"}, {"cve": "CVE-2026-21527", "type": "Spoofing (no auth)", "cvss": 6.5, "severity": "MEDIUM"} ] }, "collected": "2026-02-28", "updated": "2026-02-28T05:30:00Z" }