Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

CISACISA-KEV-CVE-2021-34523

HistoryNov 03, 2021 - 12:00 a.m.

Vulners
/
Cisa Kev
/
Microsoft Exchange Server Privilege Escalation Vulnerability

Microsoft Exchange Server Privilege Escalation Vulnerability

2021-11-0300:00:00

CISA

www.cisa.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS

0.859

Percentile

98.6%

JSON

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

attackerkb 2

cve 1

threatpost 9

zdi 1

mscve 1

prion 1

cvelist 1

nvd 1

checkpoint_advisories 1

malwarebytes 6

githubexploit 1

packetstorm 1

msrc 2

rapid7blog 6

thn 10

hivepro 7

fireeye 1

trellix 2

metasploit 1

zdt 1

cisa 1

pentestpartners 1

qualysblog 8

ics 5

securelist 3

mmpc 1

kaspersky 1

mskb 1

nessus 1

krebs 1

avleonov 2

attackerkb

CVE-2021-34523

2021-07-14 00:00:00

ProxyShell Exploit Chain

2023-12-28 00:00:00

cve

CVE-2021-34523

2021-07-14 18:15:12

threatpost

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’

2021-09-09 14:30:56

IKEA Hit by Email Reply-Chain Cyberattack

2021-11-29 21:22:12

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

2021-11-03 18:16:37

zdi

(Pwn2Own) Microsoft Exchange Server PowerShell Improper Authentication Remote Code Execution Vulnerability

2021-07-19 00:00:00

mscve

Microsoft Exchange Server Elevation of Privilege Vulnerability

2021-07-13 07:00:00

prion

Privilege escalation

2021-07-14 18:15:00

cvelist

CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability

2021-07-14 17:54:38

nvd

CVE-2021-34523

2021-07-14 18:15:12

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523)

2021-07-14 00:00:00

malwarebytes

Patch now! Microsoft Exchange is being attacked via ProxyShell

2021-08-23 13:21:08

IIS extensions are on the rise as backdoors to servers

2022-07-27 13:58:06

AvosLocker ransomware uses Microsoft Exchange Server vulnerabilities, says FBI

2022-03-21 21:09:12

githubexploit

Exploit for Vulnerability in Microsoft

2021-10-02 07:29:24

packetstorm

Microsoft Exchange ProxyShell Remote Code Execution

2021-08-20 00:00:00

msrc

April 2021 Update Tuesday packages now available

2021-04-13 07:00:00

April 2021 Update Tuesday packages now available

2021-04-13 07:00:00

rapid7blog

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

2021-10-06 14:07:12

ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers

2021-08-12 21:08:43

Metasploit Wrap-Up

2021-08-20 19:12:00

thn

New Incident Report Reveals How Hive Ransomware Targets Organizations

2022-04-21 10:00:00

WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws

2021-08-22 09:51:00

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

2024-05-22 07:41:00

hivepro

Hive Ransomware targets organizations with ProxyShell exploit

2022-04-22 14:34:47

BlackByte ransomware exploits Microsoft Servers ProxyShell Vulnerabilities

2021-12-07 13:24:49

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

2022-03-25 04:05:09

fireeye

PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers

2021-09-03 10:00:00

trellix

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware

2022-02-28 00:00:00

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware

2022-02-28 00:00:00

metasploit

Microsoft Exchange ProxyShell RCE

2021-08-18 14:50:34

zdt

Microsoft Exchange ProxyShell Remote Code Execution Exploit

2021-08-21 00:00:00

cisa

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

2021-08-21 00:00:00

pentestpartners

Hive Ransomware is on the rise. How should you deal with it?

2022-11-18 06:44:42

qualysblog

AvosLocker Ransomware Behavior Examined on Windows & Linux

2022-03-07 05:18:46

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk

2022-10-10 14:32:29

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

ics

#StopRansomware: Hive Ransomware

2022-11-25 12:00:00

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

2024-07-08 12:00:00

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

2022-09-14 12:00:00

securelist

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

2022-12-19 16:15:49

From Caribbean shores to your devices: analyzing Cuba ransomware

2023-09-11 10:00:26

IT threat evolution in Q3 2021. PC statistics

2021-11-26 12:00:36

mmpc

The five-day job: A BlackByte ransomware intrusion case study

2023-07-06 17:00:00

kaspersky

KLA12224 Multiple vulnerabilities in Microsoft Exchange Server

2021-07-13 00:00:00

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: April 13, 2021 (KB5001779)

2021-07-13 07:00:00

nessus

Security Updates for Microsoft Exchange Server (April 2021)

2021-04-13 00:00:00

krebs

Microsoft Patch Tuesday, July 2021 Edition

2021-07-13 21:41:47

avleonov

Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

2021-08-31 23:16:51

Vulnerability Management news and publications #2

2022-08-14 11:30:44

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS

0.859

Percentile

98.6%

JSON

Related for CISA-KEV-CVE-2021-34523