CVE-2021-31195
Microsoft Exchange Server Remote Code Execution Vulnerability
In short
A flaw in Microsoft Exchange Server allows an attacker to run malicious code on the server if they can send a specially crafted request. This is dangerous because Exchange servers often handle sensitive business emails and data.
Technical detail
The vulnerability exploits improper validation of input in Exchange Server components, allowing an unauthenticated or low-privilege attacker to execute arbitrary code through a network vector. Successful exploitation can lead to complete compromise of the Exchange service and access to sensitive email data.
Summary generated and translated by AI from the official description.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Affected products
Microsoft · Microsoft Exchange Server 2013 Cumulative Update 23Microsoft · Microsoft Exchange Server 2016 Cumulative Update 19Microsoft · Microsoft Exchange Server 2016 Cumulative Update 20Microsoft · Microsoft Exchange Server 2019 Cumulative Update 8Microsoft · Microsoft Exchange Server 2019 Cumulative Update 9Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →