Lucene search

K

Kaspersky LabKLA12137

HistoryApr 13, 2021 - 12:00 a.m.

KLA12137 Multiple vulnerabilities in Microsoft Exchange Server

2021-04-1300:00:00

Kaspersky Lab

threats.kaspersky.com

16

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.3%

Detect date:

04/13/2021

Severity:

Critical

Description:

Remote code execution vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to execute arbitrary code.

Exploitation:

Public exploits exist for this vulnerability.

Affected products:

Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 20
Microsoft Exchange Server 2019 Cumulative Update 9
Microsoft Exchange Server 2016 Cumulative Update 19
Microsoft Exchange Server 2019 Cumulative Update 8

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2021-28480
CVE-2021-28482
CVE-2021-28483
CVE-2021-28481

Impacts:

ACE

Related products:

Microsoft Exchange Server

CVE-IDS:

CVE-2021-284809.8Critical
CVE-2021-284828.8Critical
CVE-2021-284839.0Critical
CVE-2021-284819.8Critical

KB list:

Microsoft official advisories:

References

support.microsoft.com/kb/5001779

api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28480

api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28481

api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28482

api.msrc.microsoft.com/sug/v2.0/en-US/vulnerability/CVE-2021-28483

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28480

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28481

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28482

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28483

portal.msrc.microsoft.com/en-us/security-guidance

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/class/Exploit/

threats.kaspersky.com/en/product/Microsoft-Exchange-Server/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.3%

Related for KLA12137

attackerkb2 zdt1 nessus1 mskb1 qualysblog1 threatpost2 krebs1 prion4 cve4 mscve4 checkpoint_advisories1 seebug1 githubexploit2 thn1 avleonov1 rapid7blog1