Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

[email protected]NVD:CVE-2021-26858

HistoryMar 03, 2021 - 12:15 a.m.

CVE-2021-26858

Vulners
Nvd
CVE-2021-26858

2021-03-0300:15:12

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.223 Low

EPSS

Percentile

96.5%

JSON

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected configurations

NVD

Node

microsoftexchange_serverMatch2013cumulative_update_23

microsoftexchange_serverMatch2016cumulative_update_18

microsoftexchange_serverMatch2016cumulative_update_19

microsoftexchange_serverMatch2019cumulative_update_7

microsoftexchange_serverMatch2019cumulative_update_8

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26858

cve 1

cisa_kev 1

prion 1

attackerkb 3

cvelist 1

thn 7

threatpost 13

checkpoint_advisories 1

securelist 6

githubexploit 5

msrc 3

talosblog 1

akamaiblog 3

ics 7

cisa 1

hivepro 1

krebs 1

malwarebytes 3

fireeye 1

carbonblack 1

impervablog 1

mssecure 5

mmpc 5

rapid7blog 4

nessus 1

nuclei 1

mskb 1

qualysblog 7

kaspersky 1

avleonov 2

mscve 4

googleprojectzero 1

cve

CVE-2021-26858

2021-03-03 00:15:12

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

prion

Remote code execution

2021-03-03 00:15:00

attackerkb

CVE-2021-26858

2021-03-03 00:00:00

CVE-2021-26857

2021-03-03 00:00:00

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

2023-12-29 00:00:00

cvelist

CVE-2021-26858 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:27

thn

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers

2021-04-23 07:42:00

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

2021-03-03 07:28:00

Microsoft Exchange Cyber Attack — What Do We Know So Far?

2021-03-08 10:15:00

threatpost

Prometei Botnet Could Fire Up APT-Style Attacks

2021-04-23 17:15:23

CISA Orders Fed Agencies to Patch Exchange Servers

2021-03-04 17:08:36

Attackers Target ProxyLogon Exploit to Install Cryptojacker

2021-04-15 12:19:13

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-26857; CVE-2021-26858)

2021-03-02 00:00:00

securelist

Zero-day vulnerabilities in Microsoft Exchange Server

2021-03-04 17:20:57

Black Kingdom ransomware

2021-06-17 10:00:41

IT threat evolution Q1 2021

2021-05-31 10:00:37

githubexploit

Exploit for Vulnerability in Microsoft

2021-03-08 07:28:21

Exploit for Vulnerability in Microsoft

2021-03-09 10:36:44

Exploit for Vulnerability in Microsoft

2021-03-05 08:22:07

msrc

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 18:44:28

talosblog

Threat Advisory: HAFNIUM and Microsoft Exchange zero-day

2021-03-08 10:18:43

akamaiblog

How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange

2021-03-15 22:30:00

Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool

2021-03-15 22:15:00

Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks

2021-03-24 14:00:00

ics

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

2022-10-05 12:00:00

Mitigate Microsoft Exchange Server Vulnerabilities

2021-07-19 12:00:00

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

2022-03-01 12:00:00

cisa

Microsoft Releases Out-of-Band Security Updates for Exchange Server

2021-03-02 00:00:00

hivepro

Have you patched the vulnerabilities in Microsoft Exchange Server?

2021-08-18 11:01:05

krebs

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

2021-03-02 21:19:17

malwarebytes

Patch now! Exchange servers attacked by Hafnium zero-days

2021-03-03 12:34:27

The top 5 most routinely exploited vulnerabilities of 2021

2022-04-29 16:28:20

Chinese APT's favorite vulnerabilities revealed

2022-10-13 16:15:00

fireeye

Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

2021-03-04 00:00:00

carbonblack

TAU Threat Advisory: Microsoft Exchange Servers Targeted with Four Zero-day Exploits

2021-03-08 21:05:13

impervablog

Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures

2021-03-26 15:06:38

mssecure

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

mmpc

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

rapid7blog

Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

2021-03-03 00:41:04

Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange

2021-03-23 14:04:36

Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know

2021-03-03 19:23:42

nessus

Security Updates for Microsoft Exchange Server (March 2021)

2021-03-03 00:00:00

nuclei

Microsoft Exchange Server SSRF Vulnerability

2021-03-06 07:00:59

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 2, 2021 (KB5000871)

2021-03-02 08:00:00

qualysblog

Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR

2021-03-03 22:12:19

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

2022-05-06 12:19:24

Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines

2022-02-26 20:20:32

kaspersky

KLA12103 ACE vulnerabilities in Microsoft Exchange Server

2021-03-02 00:00:00

avleonov

Vulnerability Management news and publications #2

2022-08-14 11:30:44

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

googleprojectzero

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.223 Low

EPSS

Percentile

96.5%

JSON

Related for NVD:CVE-2021-26858

cve1 cisa_kev1 prion1 attackerkb3 cvelist1 thn7 threatpost13 checkpoint_advisories1 securelist6 githubexploit5 msrc3 talosblog1 akamaiblog3 ics7 cisa1 hivepro1 krebs1 malwarebytes3 fireeye1 carbonblack1 impervablog1 mssecure5 mmpc5 rapid7blog4 nessus1 nuclei1 mskb1 qualysblog7 kaspersky1 avleonov2 mscve4 googleprojectzero1