Microsoft Exchange Server Remote Code Execution Vulnerability
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473 | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-821/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
28 Dec 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Microsoft Exchange Server Remote Code Execution Vulnerability | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.1 |
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 |
21 Sep 2021, 17:38
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-821/ - Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry |
20 Aug 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Jul 2021, 15:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473 - Patch, Vendor Advisory | |
CPE | cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CWE | NVD-CWE-noinfo |
14 Jul 2021, 19:14
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-14 18:15
Updated : 2023-12-28 23:15
NVD link : CVE-2021-34473
Mitre link : CVE-2021-34473
CVE.ORG link : CVE-2021-34473
JSON object : View
Products Affected
microsoft
- exchange_server
CWE
CWE-918
Server-Side Request Forgery (SSRF)