9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
ProxyShell is an exploit chain targeting on-premise installations of Microsoft Exchange Server. It was demonstrated by Orange Tsai at Pwn2Own in April 2021 and is comprised of three CVEs that, when chained, allow a remote unauthenticated attacker to execute arbitrary code on vulnerable targets. The three CVEs are CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207.
Details are available in Orange Tsai’s Black Hat USA 2020 talk and follow-on blog series. ProxyShell is being broadly exploited in the wild as of August 12, 2021.
Recent assessments:
ccondon-r7 at August 12, 2021 9:19pm UTC reported:
Check out the Rapid7 analysis for details on the exploit chain. Seems like a lot of the PoC implementations so far are using admin mailboxes, but I’d imagine folks are going to start finding ways around that soon.
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 4
attackerkb.com/topics/5F0CGZWw61/cve-2021-31207
attackerkb.com/topics/pUK1MXLZkW/cve-2021-34473
attackerkb.com/topics/RY7LpTmyCj/cve-2021-34523
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31207
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%