Microsoft Exchange Server Security Feature Bypass Vulnerability
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31207 | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-819/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-434 |
02 Aug 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 6.6 |
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
21 Sep 2021, 17:45
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-819/ - Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry |
20 Aug 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 May 2021, 20:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
|
References | (N/A) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31207 - Patch, Vendor Advisory |
11 May 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-11 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-31207
Mitre link : CVE-2021-31207
CVE.ORG link : CVE-2021-31207
JSON object : View
Products Affected
microsoft
- exchange_server
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type