Vulnerability-Lookup

CVE-2021-42321 (GCVE-0-2021-42321)

Vulnerability from cvelistv5 – Published: 2021-11-10 00:47 – Updated: 2025-10-21 23:25

CISA KEV KEVintel KEV

Title

Microsoft Exchange Server Remote Code Execution Vulnerability

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

SSVC

Exploitation: active Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

Remote Code Execution
CWE-noinfo Not enough information

Assigner

microsoft

References

4 references

URL	Tags
https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_MISC
http://packetstormsecurity.com/files/166153/Micro…	x_refsource_MISC
http://packetstormsecurity.com/files/168131/Micro…	x_refsource_MISC
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Impacted products

4 products

Vendor	Product	Version
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 21	Affected: 15.01.0 , < 15.01.2308.020 (custom) cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21::::::
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 10	Affected: 15.02.0 , < 15.02.0792.019 (custom) cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10::::::
Microsoft	Microsoft Exchange Server 2016 Cumulative Update 22	Affected: 15.0.0 , < 15.01.2375.017 (custom) cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22::::::
Microsoft	Microsoft Exchange Server 2019 Cumulative Update 11	Affected: 15.02.0 , < 15.02.0986.014 (custom) cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11::::::

Date Public

2021-11-09 08:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 043df6f6-a167-4beb-a3a9-0f81632bf69a

Vulnerability ID: CVE-2021-42321

Status: Confirmed

Status Updated: 2021-11-17 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-17

Asserted: 2021-11-17

Scope

Notes: KEV entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Exchange | Description: An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2021-12-01 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2021-42321

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-184 CWE-502
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Exchange
Due Date	2021-12-01
Date Added	2021-11-17
Vendorproject	Microsoft
Vulnerabilityname	Microsoft Exchange Server Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Known

References

CVE-2021-42321

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 7871e714-1093-4a94-a6ba-363a6b2fd169

Vulnerability ID: CVE-2021-42321

Status: Confirmed

Status Updated: 2021-11-17 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-17

Asserted: 2021-11-17

Scope

Notes: KEVIntel entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11 | CVSS: 8.8 (HIGH) | Used in malware: yes | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Confirmed Compromise

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	Microsoft Exchange Server Remote Code Execution Vulnerability
Vendor	Microsoft
Product	Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11
Added Date	2021-11-17T00:00:00.000Z
Cvss Score	8.8
Epss Score	None
Cvss Severity	HIGH
Epss Percentile	None
Used In Malware	yes
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:47 UTC | Updated: 2026-06-19 12:47 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:30:38.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-42321",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-03T16:43:32.753195Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-17",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:25:25.274Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-17T00:00:00.000Z",
            "value": "CVE-2021-42321 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 21",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2308.020",
              "status": "affected",
              "version": "15.01.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 10",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.0792.019",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 22",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2375.017",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 11",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.0986.014",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-11-09T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T14:47:48.107Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
        }
      ],
      "title": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2021-42321",
    "datePublished": "2021-11-10T00:47:43.000Z",
    "dateReserved": "2021-10-12T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:25:25.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-42321",
      "cwes": "[\"CWE-184\", \"CWE-502\"]",
      "dateAdded": "2021-11-17",
      "dueDate": "2021-12-01",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2021-42321",
      "product": "Exchange",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    },
    "epss": {
      "cve": "CVE-2021-42321",
      "date": "2026-06-20",
      "epss": "0.90388",
      "percentile": "0.99786"
    },
    "fkie_nvd": {
      "cisaActionDue": "2021-12-01",
      "cisaExploitAdd": "2021-11-17",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BE427A4-B0C2-4064-8234-29426325C348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\", \"matchCriteriaId\": \"449CE85B-E599-44D3-A7C1-5133F6A55E86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4185347-EEDD-4239-9AB3-410E2EC89D2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"435343A4-BF10-461A-ABF2-D511A5FBDA75\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Ejecuci\\u00f3n de C\\u00f3digo Remota en Microsoft Exchange Server\"}]",
      "id": "CVE-2021-42321",
      "lastModified": "2024-11-21T06:27:36.003",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-11-10T01:19:50.047",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-42321\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2021-11-10T01:19:50.047\",\"lastModified\":\"2026-06-17T04:09:38.573\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Exchange Server Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Microsoft Exchange Server\"}],\"affected\":[{\"source\":\"secure@microsoft.com\",\"affectedData\":[{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2016 Cumulative Update 21\",\"cpes\":[\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\"],\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.01.0\",\"lessThan\":\"15.01.2308.020\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2019 Cumulative Update 10\",\"cpes\":[\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\"],\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.02.0\",\"lessThan\":\"15.02.0792.019\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2016 Cumulative Update 22\",\"cpes\":[\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\"],\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.0.0\",\"lessThan\":\"15.01.2375.017\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Microsoft\",\"product\":\"Microsoft Exchange Server 2019 Cumulative Update 11\",\"cpes\":[\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\"],\"platforms\":[\"x64-based Systems\"],\"versions\":[{\"version\":\"15.02.0\",\"lessThan\":\"15.02.0986.014\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-01-03T16:43:32.753195Z\",\"id\":\"CVE-2021-42321\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2021-11-17\",\"cisaActionDue\":\"2021-12-01\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Exchange Server Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE427A4-B0C2-4064-8234-29426325C348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\",\"matchCriteriaId\":\"449CE85B-E599-44D3-A7C1-5133F6A55E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4185347-EEDD-4239-9AB3-410E2EC89D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"435343A4-BF10-461A-ABF2-D511A5FBDA75\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T03:30:38.363Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-42321\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-03T16:43:32.753195Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-17\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-17T00:00:00.000Z\", \"value\": \"CVE-2021-42321 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T19:04:59.268Z\"}}], \"cna\": {\"title\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 21\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.01.0\", \"lessThan\": \"15.01.2308.020\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 10\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.0792.019\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 22\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.0.0\", \"lessThan\": \"15.01.2375.017\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 11\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.0986.014\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2021-11-09T08:00:00.000Z\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"Impact\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2024-05-29T14:47:48.107Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-42321\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:25:25.274Z\", \"dateReserved\": \"2021-10-12T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2021-11-10T00:47:43.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2021-ALE-021

Vulnerability from certfr_alerte - Published: - Updated:

Une vulnérabilité a été découverte dans Microsoft Exchange, initialement dans le cadre de la compétition de cybersécurité Tianfu Cup qui a eu lieu en juillet 2021. Elle permet à un attaquant ayant accès aux identifiants d'un utilisateur de provoquer une exécution de code arbitraire à distance, permettant d’obtenir in fine les droits de l’administrateur de domaine Active Directory.

L'éditeur confirme que cette vulnérabilité est exploitée dans le cadre d'attaques ciblées.

Le CERT-FR recommande donc d'appliquer les correctifs de sécurité dans les plus brefs délais.

Le CERT-FR rappelle en outre que l'éditeur ne fournit des correctifs de sécurité que pour les deux dernières mises à jour cumulatives (Cumulative Update, CU). En l’occurrence, seules les versions de Microsoft Exchange 2019 CU 11, 2019 CU 10, 2016 CU 22 et 2016 CU 21 disposent d'un correctif de sécurité. Il est donc primordial d'avoir déployé ces mises à jour cumulatives (CU) et d'appliquer le correctif.

Enfin, il convient de souligner que ce type de service ne devrait pas être exposé sur Internet sans mesure de protection [1].

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Exchange 2016
	Microsoft	N/A	Microsoft Exchange 2019

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2021-42321 du 09 novembre 2021	None	vendor-advisory
avis de sécurité CERTFR-2021-AVI-863 du 10 novembre 2021	-	other
[1] Guide ANSSI sur le nomadisme numérique	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange 2016",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange 2019",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2022-05-04",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-42321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42321"
    }
  ],
  "links": [
    {
      "title": "avis de s\u00e9curit\u00e9 CERTFR-2021-AVI-863 du 10 novembre 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-863/"
    },
    {
      "title": "[1] Guide ANSSI sur le nomadisme num\u00e9rique",
      "url": "https://www.ssi.gouv.fr/guide/recommandations-sur-le-nomadisme-numerique/"
    }
  ],
  "reference": "CERTFR-2021-ALE-021",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-11-10T00:00:00.000000"
    },
    {
      "description": "correction du lien vers le guide ANSSI",
      "revision_date": "2021-11-12T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2022-05-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Microsoft Exchange, initialement\ndans le cadre de la comp\u00e9tition de cybers\u00e9curit\u00e9 *Tianfu Cup* qui a eu\nlieu en juillet 2021. Elle permet \u00e0 un attaquant ayant acc\u00e8s aux\nidentifiants d\u0027un utilisateur de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, permettant d\u2019obtenir *in fine* les droits de\nl\u2019administrateur de domaine Active Directory.\n\n\u003cu\u003eL\u0027\u00e9diteur confirme que cette vuln\u00e9rabilit\u00e9 est exploit\u00e9e dans le\ncadre d\u0027attaques cibl\u00e9es\u003c/u\u003e.\n\nLe CERT-FR recommande donc d\u0027appliquer les correctifs de s\u00e9curit\u00e9 dans\nles plus brefs d\u00e9lais.\n\nLe CERT-FR rappelle en outre que l\u0027\u00e9diteur ne fournit des correctifs de\ns\u00e9curit\u00e9 que pour les deux derni\u00e8res mises \u00e0 jour cumulatives\n(*Cumulative Update*, *CU*). En l\u2019occurrence, seules les versions de\nMicrosoft Exchange 2019 CU 11, 2019 CU 10, 2016 CU 22 et 2016 CU 21\ndisposent d\u0027un correctif de s\u00e9curit\u00e9. \u003cu\u003eIl est donc primordial d\u0027avoir\nd\u00e9ploy\u00e9 ces mises \u00e0 jour cumulatives (*CU*) et d\u0027appliquer le\ncorrectif\u003c/u\u003e.\n\nEnfin, il convient de souligner que ce type de service ne devrait pas\n\u00eatre expos\u00e9 sur Internet sans mesure de protection \\[1\\].\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Exchange",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-42321 du 09 novembre 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321"
    }
  ]
}

CERTFR-2021-ALE-021

Vulnerability from certfr_alerte - Published: - Updated:

L'éditeur confirme que cette vulnérabilité est exploitée dans le cadre d'attaques ciblées.

Le CERT-FR recommande donc d'appliquer les correctifs de sécurité dans les plus brefs délais.

Enfin, il convient de souligner que ce type de service ne devrait pas être exposé sur Internet sans mesure de protection [1].

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Exchange 2016
	Microsoft	N/A	Microsoft Exchange 2019

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2021-42321 du 09 novembre 2021	None	vendor-advisory
avis de sécurité CERTFR-2021-AVI-863 du 10 novembre 2021	-	other
[1] Guide ANSSI sur le nomadisme numérique	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange 2016",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange 2019",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2022-05-04",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-42321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42321"
    }
  ],
  "links": [
    {
      "title": "avis de s\u00e9curit\u00e9 CERTFR-2021-AVI-863 du 10 novembre 2021",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-863/"
    },
    {
      "title": "[1] Guide ANSSI sur le nomadisme num\u00e9rique",
      "url": "https://www.ssi.gouv.fr/guide/recommandations-sur-le-nomadisme-numerique/"
    }
  ],
  "reference": "CERTFR-2021-ALE-021",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-11-10T00:00:00.000000"
    },
    {
      "description": "correction du lien vers le guide ANSSI",
      "revision_date": "2021-11-12T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte. Cela ne signifie pas la fin d\u0027une menace. Seule l\u0027application de la mise \u00e0 jour permet de vous pr\u00e9munir contre l\u0027exploitation de la vuln\u00e9rabilit\u00e9 correspondante.",
      "revision_date": "2022-05-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Microsoft Exchange, initialement\ndans le cadre de la comp\u00e9tition de cybers\u00e9curit\u00e9 *Tianfu Cup* qui a eu\nlieu en juillet 2021. Elle permet \u00e0 un attaquant ayant acc\u00e8s aux\nidentifiants d\u0027un utilisateur de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, permettant d\u2019obtenir *in fine* les droits de\nl\u2019administrateur de domaine Active Directory.\n\n\u003cu\u003eL\u0027\u00e9diteur confirme que cette vuln\u00e9rabilit\u00e9 est exploit\u00e9e dans le\ncadre d\u0027attaques cibl\u00e9es\u003c/u\u003e.\n\nLe CERT-FR recommande donc d\u0027appliquer les correctifs de s\u00e9curit\u00e9 dans\nles plus brefs d\u00e9lais.\n\nLe CERT-FR rappelle en outre que l\u0027\u00e9diteur ne fournit des correctifs de\ns\u00e9curit\u00e9 que pour les deux derni\u00e8res mises \u00e0 jour cumulatives\n(*Cumulative Update*, *CU*). En l\u2019occurrence, seules les versions de\nMicrosoft Exchange 2019 CU 11, 2019 CU 10, 2016 CU 22 et 2016 CU 21\ndisposent d\u0027un correctif de s\u00e9curit\u00e9. \u003cu\u003eIl est donc primordial d\u0027avoir\nd\u00e9ploy\u00e9 ces mises \u00e0 jour cumulatives (*CU*) et d\u0027appliquer le\ncorrectif\u003c/u\u003e.\n\nEnfin, il convient de souligner que ce type de service ne devrait pas\n\u00eatre expos\u00e9 sur Internet sans mesure de protection \\[1\\].\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Exchange",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-42321 du 09 novembre 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321"
    }
  ]
}

CERTFR-2021-AVI-863

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Microsoft. Elles permettent à un attaquant de provoquer une usurpation d'identité, une atteinte à la confidentialité des données, une exécution de code à distance, une élévation de privilèges et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft	N/A	FSLogix
Microsoft	N/A	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft	Azure	Azure RTOS
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft	N/A	3D Viewer
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	N/A	Microsoft Malware Protection Engine
Microsoft	N/A	Power BI Report Server
Microsoft	N/A	Visual Studio Code
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour systèmes 32 bits
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour 64 bits Systems
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft	N/A	Microsoft Visual Studio 2015 Update 3
Microsoft	Azure	Azure Sphere
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.0

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 09 novembre 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2013 Cumulative Update 23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "FSLogix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Azure RTOS",
      "product": {
        "name": "Azure",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "3D Viewer",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 22",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Malware Protection Engine",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Power BI Report Server",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2015 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Azure Sphere",
      "product": {
        "name": "Azure",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-41374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41374"
    },
    {
      "name": "CVE-2021-43208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43208"
    },
    {
      "name": "CVE-2021-41368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41368"
    },
    {
      "name": "CVE-2021-41349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41349"
    },
    {
      "name": "CVE-2021-42305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42305"
    },
    {
      "name": "CVE-2021-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42322"
    },
    {
      "name": "CVE-2021-42277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42277"
    },
    {
      "name": "CVE-2021-42321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42321"
    },
    {
      "name": "CVE-2021-43209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43209"
    },
    {
      "name": "CVE-2021-41376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41376"
    },
    {
      "name": "CVE-2021-42301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42301"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2021-42319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42319"
    },
    {
      "name": "CVE-2021-42304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42304"
    },
    {
      "name": "CVE-2021-26444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26444"
    },
    {
      "name": "CVE-2021-42316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42316"
    },
    {
      "name": "CVE-2021-41373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41373"
    },
    {
      "name": "CVE-2021-42292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42292"
    },
    {
      "name": "CVE-2021-42302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42302"
    },
    {
      "name": "CVE-2021-42323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42323"
    },
    {
      "name": "CVE-2021-42300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42300"
    },
    {
      "name": "CVE-2021-41375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41375"
    },
    {
      "name": "CVE-2021-40442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40442"
    },
    {
      "name": "CVE-2021-42298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42298"
    },
    {
      "name": "CVE-2021-41372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41372"
    },
    {
      "name": "CVE-2021-42296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42296"
    },
    {
      "name": "CVE-2021-42303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42303"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-863",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-11-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une usurpation d\u0027identit\u00e9, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution de code \u00e0 distance, une\n\u00e9l\u00e9vation de privil\u00e8ges et un contournement de la fonctionnalit\u00e9 de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 09 novembre 2021",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

CERTFR-2021-AVI-863

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft	N/A	FSLogix
Microsoft	N/A	Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft	Azure	Azure RTOS
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft	N/A	3D Viewer
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
Microsoft	N/A	Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft	N/A	Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)
Microsoft	N/A	Microsoft Malware Protection Engine
Microsoft	N/A	Power BI Report Server
Microsoft	N/A	Visual Studio Code
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour systèmes 32 bits
Microsoft	N/A	Microsoft 365 Apps pour Enterprise pour 64 bits Systems
Microsoft	N/A	Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft	N/A	Microsoft Visual Studio 2015 Update 3
Microsoft	Azure	Azure Sphere
Microsoft	N/A	Microsoft Dynamics 365 (on-premises) version 9.0

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 09 novembre 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2013 Cumulative Update 23",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "FSLogix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 21",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Azure RTOS",
      "product": {
        "name": "Azure",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.7 (includes 16.0 \u2013 16.6)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "3D Viewer",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2016 Cumulative Update 22",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Malware Protection Engine",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Power BI Report Server",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Visual Studio Code",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour syst\u00e8mes 32 bits",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Apps pour Enterprise pour 64 bits Systems",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2019 Cumulative Update 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2015 Update 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Azure Sphere",
      "product": {
        "name": "Azure",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Dynamics 365 (on-premises) version 9.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-41374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41374"
    },
    {
      "name": "CVE-2021-43208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43208"
    },
    {
      "name": "CVE-2021-41368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41368"
    },
    {
      "name": "CVE-2021-41349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41349"
    },
    {
      "name": "CVE-2021-42305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42305"
    },
    {
      "name": "CVE-2021-42322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42322"
    },
    {
      "name": "CVE-2021-42277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42277"
    },
    {
      "name": "CVE-2021-42321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42321"
    },
    {
      "name": "CVE-2021-43209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43209"
    },
    {
      "name": "CVE-2021-41376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41376"
    },
    {
      "name": "CVE-2021-42301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42301"
    },
    {
      "name": "CVE-2021-3711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
    },
    {
      "name": "CVE-2021-42319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42319"
    },
    {
      "name": "CVE-2021-42304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42304"
    },
    {
      "name": "CVE-2021-26444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26444"
    },
    {
      "name": "CVE-2021-42316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42316"
    },
    {
      "name": "CVE-2021-41373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41373"
    },
    {
      "name": "CVE-2021-42292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42292"
    },
    {
      "name": "CVE-2021-42302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42302"
    },
    {
      "name": "CVE-2021-42323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42323"
    },
    {
      "name": "CVE-2021-42300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42300"
    },
    {
      "name": "CVE-2021-41375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41375"
    },
    {
      "name": "CVE-2021-40442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40442"
    },
    {
      "name": "CVE-2021-42298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42298"
    },
    {
      "name": "CVE-2021-41372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41372"
    },
    {
      "name": "CVE-2021-42296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42296"
    },
    {
      "name": "CVE-2021-42303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42303"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-863",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-11-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Usurpation d\u0027identit\u00e9"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Microsoft\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une usurpation d\u0027identit\u00e9, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une ex\u00e9cution de code \u00e0 distance, une\n\u00e9l\u00e9vation de privil\u00e8ges et un contournement de la fonctionnalit\u00e9 de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 09 novembre 2021",
      "url": "https://msrc.microsoft.com/update-guide/"
    }
  ]
}

BDU:2021-05330

Vulnerability from fstec - Published: 09.11.2021

Title

Уязвимость почтового сервера Microsoft Exchange Server, связанная с недостаточной проверкой аргументов командлета, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость почтового сервера Microsoft Exchange Server связана с недостаточной проверкой аргументов командлета. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код

Severity


                    
                      AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vendor

Microsoft Corp

Software Name

Microsoft Exchange Server

Software Version

2019 Cumulative Update 10 (Microsoft Exchange Server), 2016 Cumulative Update 21 (Microsoft Exchange Server), 2019 Cumulative Update 11 (Microsoft Exchange Server), 2016 Cumulative Update 22 (Microsoft Exchange Server)

Possible Mitigations

Использование рекомендаций: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321

Reference

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321 https://www.cybersecurity-help.cz/vdb/SB2021110928 https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2021-exchange-server-security-updates/ba-p/2933169 https://www.zerodayinitiative.com/blog/2021/11/9/the-november-2021-security-update-review

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Microsoft Corp",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "2019 Cumulative Update 10 (Microsoft Exchange Server), 2016 Cumulative Update 21 (Microsoft Exchange Server), 2019 Cumulative Update 11 (Microsoft Exchange Server), 2016 Cumulative Update 22 (Microsoft Exchange Server)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.11.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "01.12.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "10.11.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-05330",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-42321",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Microsoft Exchange Server",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Microsoft Exchange Server, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u043b\u0435\u0442\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Microsoft Exchange Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u043b\u0435\u0442\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321\nhttps://www.cybersecurity-help.cz/vdb/SB2021110928\nhttps://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2021-exchange-server-security-updates/ba-p/2933169\nhttps://www.zerodayinitiative.com/blog/2021/11/9/the-november-2021-security-update-review",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,6)"
}

CNVD-2021-90307

Vulnerability from cnvd - Published: 2021-11-24

Title

Microsoft Exchange Server远程代码执行漏洞（CNVD-2021-90307）

Description

Microsoft Exchange Server是美国微软（Microsoft）公司的一套电子邮件服务程序。它提供邮件存取、储存、转发，语音邮件，邮件过滤筛选等功能。 Microsoft Exchange Server存在远程代码执行漏洞，攻击者可通过发送特制的恶意数据到服务器利用该漏洞在服务器上远程执行任意代码。

Severity

中

Patch Name

Microsoft Exchange Server远程代码执行漏洞（CNVD-2021-90307）的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-42321

Impacted products

Name
['Microsoft Microsoft Exchange Server 2019 Cumulative Update 10', 'Microsoft Microsoft Exchange Server 2019 Cumulative Update 11', 'Microsoft Microsoft Exchange Server 2016 Cumulative Update 21', 'Microsoft Microsoft Exchange Server 2016 Cumulative Update 22']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-42321"
    }
  },
  "description": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\u3002\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\n\nMicrosoft Exchange Server\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u6076\u610f\u6570\u636e\u5230\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u670d\u52a1\u5668\u4e0a\u8fdc\u7a0b\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-90307",
  "openTime": "2021-11-24",
  "patchDescription": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\u3002\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Exchange Server\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u6076\u610f\u6570\u636e\u5230\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u670d\u52a1\u5668\u4e0a\u8fdc\u7a0b\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Exchange Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2021-90307\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Microsoft Exchange Server 2019 Cumulative Update 10",
      "Microsoft Microsoft Exchange Server 2019 Cumulative Update 11",
      "Microsoft Microsoft Exchange Server 2016 Cumulative Update 21",
      "Microsoft Microsoft Exchange Server 2016 Cumulative Update 22"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-42321",
  "serverity": "\u4e2d",
  "submitTime": "2021-11-12",
  "title": "Microsoft Exchange Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2021-90307\uff09"
}

FKIE_CVE-2021-42321

Vulnerability from fkie_nvd - Published: 2021-11-10 01:19 - Updated: 2026-06-17 04:09

CISA KEV KEVintel KEV

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

References

URL	Tags
secure@microsoft.com	http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	exchange_server	2016
microsoft	exchange_server	2016
microsoft	exchange_server	2019
microsoft	exchange_server	2019

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 21",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2308.020",
              "status": "affected",
              "version": "15.01.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 10",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.0792.019",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2016 Cumulative Update 22",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.01.2375.017",
              "status": "affected",
              "version": "15.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*"
          ],
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Microsoft Exchange Server 2019 Cumulative Update 11",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "15.02.0986.014",
              "status": "affected",
              "version": "15.02.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "source": "secure@microsoft.com"
    }
  ],
  "cisaActionDue": "2021-12-01",
  "cisaExploitAdd": "2021-11-17",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*",
              "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*",
              "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*",
              "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*",
              "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Microsoft Exchange Server"
    }
  ],
  "id": "CVE-2021-42321",
  "lastModified": "2026-06-17T04:09:38.573",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "secure@microsoft.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2021-42321",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-01-03T16:43:32.753195Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2021-11-10T01:19:50.047",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3F87-66X4-F3P7

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2025-10-22 00:32

Details

Microsoft Exchange Server Remote Code Execution Vulnerability

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-42321"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-10T01:19:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Exchange Server Remote Code Execution Vulnerability",
  "id": "GHSA-3f87-66x4-f3p7",
  "modified": "2025-10-22T00:32:26Z",
  "published": "2022-05-24T19:20:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42321"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42321"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2021-42321

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Microsoft Exchange Server Remote Code Execution Vulnerability

Aliases

CVE-2021-42321

Aliases

CVE-2021-42321

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-42321",
    "description": "Microsoft Exchange Server Remote Code Execution Vulnerability",
    "id": "GSD-2021-42321",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2021-42321"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-42321"
      ],
      "details": "Microsoft Exchange Server Remote Code Execution Vulnerability",
      "id": "GSD-2021-42321",
      "modified": "2023-12-13T01:23:06.556780Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2021-42321",
      "dateAdded": "2021-11-17",
      "dueDate": "2021-12-01",
      "product": "Exchange",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2021-42321",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft Exchange Server 2016 Cumulative Update 21",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.01.0",
                          "version_value": "15.01.2308.020"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2019 Cumulative Update 10",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.02.0",
                          "version_value": "15.02.0792.019"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2016 Cumulative Update 22",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.0.0",
                          "version_value": "15.01.2375.017"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Exchange Server 2019 Cumulative Update 11",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "15.02.0",
                          "version_value": "15.02.0986.014"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321",
            "refsource": "MISC",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
          },
          {
            "name": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2021-12-01",
        "cisaExploitAdd": "2021-11-17",
        "cisaRequiredAction": "Apply updates per vendor instructions.",
        "cisaVulnerabilityName": "Microsoft Exchange Server Remote Code Execution Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*",
                    "matchCriteriaId": "3BE427A4-B0C2-4064-8234-29426325C348",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_22:*:*:*:*:*:*",
                    "matchCriteriaId": "449CE85B-E599-44D3-A7C1-5133F6A55E86",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*",
                    "matchCriteriaId": "B4185347-EEDD-4239-9AB3-410E2EC89D2A",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_11:*:*:*:*:*:*",
                    "matchCriteriaId": "435343A4-BF10-461A-ABF2-D511A5FBDA75",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota en Microsoft Exchange Server"
          }
        ],
        "id": "CVE-2021-42321",
        "lastModified": "2023-12-28T16:16:00.120",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 8.0,
              "impactScore": 6.4,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "secure@microsoft.com",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Secondary"
            }
          ]
        },
        "published": "2021-11-10T01:19:50.047",
        "references": [
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/166153/Microsoft-Exchange-Server-Remote-Code-Execution.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/168131/Microsoft-Exchange-Server-ChainedSerializationBinder-Remote-Code-Execution.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42321"
          }
        ],
        "sourceIdentifier": "secure@microsoft.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-Other"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

MSRC_CVE-2021-42321

Vulnerability from csaf_microsoft - Published: 2021-11-09 08:00 - Updated: 2022-06-21 07:00

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Severity

Important

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action: Required. The vulnerability documented by this CVE requires customer action to resolve.

CVE-2021-42321

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected products

Fixed 4 products

Product	Identifier	Version	Remediation
Microsoft Exchange Server 2016 Cumulative Update 21 15.01.2308.020 Microsoft Exchange Server 2016 Cumulative Update 21		15.01.2308.020
Microsoft Exchange Server 2019 Cumulative Update 10 15.02.0792.019 Microsoft Exchange Server 2019 Cumulative Update 10		15.02.0792.019
Microsoft Exchange Server 2016 Cumulative Update 22 15.01.2375.017 Microsoft Exchange Server 2016 Cumulative Update 22		15.01.2375.017
Microsoft Exchange Server 2019 Cumulative Update 11 15.02.0986.014 Microsoft Exchange Server 2019 Cumulative Update 11		15.02.0986.014

Known affected 4 products

Product	Version	Remediation
Microsoft Exchange Server 2019 Cumulative Update 11 <15.02.0986.014 Microsoft Exchange Server 2019 Cumulative Update 11	<15.02.0986.014	Vendor Fix fix
Microsoft Exchange Server 2016 Cumulative Update 22 <15.01.2375.017 Microsoft Exchange Server 2016 Cumulative Update 22	<15.01.2375.017	Vendor Fix fix
Microsoft Exchange Server 2019 Cumulative Update 10 <15.02.0792.019 Microsoft Exchange Server 2019 Cumulative Update 10	<15.02.0792.019	Vendor Fix fix
Microsoft Exchange Server 2016 Cumulative Update 21 <15.01.2308.020 Microsoft Exchange Server 2016 Cumulative Update 21	<15.01.2308.020	Vendor Fix fix

Threats

Impact Remote Code Execution

Exploit Status Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected

References

7 references

URL	Category
https://msrc.microsoft.com/update-guide/vulnerabi…	self
https://msrc.microsoft.com/csaf/advisories/2021/m…	self
https://www.microsoft.com/en-us/msrc/exploitabili…	external
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/update-guide/vulnerabi…	self
https://msrc.microsoft.com/csaf/advisories/2021/m…	self

Acknowledgments

zcgonvh @ 360 noah lab

Yuhao Weng & Zhiniang Peng & Feng Dong with <a href="https://www.sangfor.com/">Sangfor</a>

Microsoft Threat Intelligence Center (MSTIC)

Microsoft Security Response Center

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "zcgonvh @ 360 noah lab"
        ]
      },
      {
        "names": [
          "Yuhao Weng \u0026 Zhiniang Peng \u0026 Feng Dong with \u003ca href=\"https://www.sangfor.com/\"\u003eSangfor\u003c/a\u003e"
        ]
      },
      {
        "names": [
          "Microsoft Threat Intelligence Center (MSTIC)"
        ]
      },
      {
        "names": [
          "Microsoft Security Response Center"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2021-42321 Microsoft Exchange Server Remote Code Execution Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321"
      },
      {
        "category": "self",
        "summary": "CVE-2021-42321 Microsoft Exchange Server Remote Code Execution Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2021/msrc_cve-2021-42321.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Microsoft Exchange Server Remote Code Execution Vulnerability",
    "tracking": {
      "current_release_date": "2022-06-21T07:00:00.000Z",
      "generator": {
        "date": "2026-01-06T16:30:40.808Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2021-42321",
      "initial_release_date": "2021-11-09T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2021-11-09T08:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2021-11-16T08:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added Microsoft Exchange Server 2013 to the Security Updates table.  Customers that are using this version of Microsoft Exchange should install this update to be protected from this vulnerability."
        },
        {
          "date": "2021-11-17T08:00:00.000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Removed Exchange Server 2013 from the Security Updates table as it is not affected by this vulnerability."
        },
        {
          "date": "2021-12-06T08:00:00.000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Updated acknowledgment. This is an informational change only."
        },
        {
          "date": "2022-06-21T07:00:00.000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Updated acknowledgment. This is an informational change only."
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c15.01.2308.020",
            "product": {
              "name": "Microsoft Exchange Server 2016 Cumulative Update 21 \u003c15.01.2308.020",
              "product_id": "4"
            }
          },
          {
            "category": "product_version",
            "name": "15.01.2308.020",
            "product": {
              "name": "Microsoft Exchange Server 2016 Cumulative Update 21 15.01.2308.020",
              "product_id": "11906"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Exchange Server 2016 Cumulative Update 21"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c15.02.0792.019",
            "product": {
              "name": "Microsoft Exchange Server 2019 Cumulative Update 10 \u003c15.02.0792.019",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "15.02.0792.019",
            "product": {
              "name": "Microsoft Exchange Server 2019 Cumulative Update 10 15.02.0792.019",
              "product_id": "11908"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Exchange Server 2019 Cumulative Update 10"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c15.01.2375.017",
            "product": {
              "name": "Microsoft Exchange Server 2016 Cumulative Update 22 \u003c15.01.2375.017",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "15.01.2375.017",
            "product": {
              "name": "Microsoft Exchange Server 2016 Cumulative Update 22 15.01.2375.017",
              "product_id": "11956"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Exchange Server 2016 Cumulative Update 22"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c15.02.0986.014",
            "product": {
              "name": "Microsoft Exchange Server 2019 Cumulative Update 11 \u003c15.02.0986.014",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "15.02.0986.014",
            "product": {
              "name": "Microsoft Exchange Server 2019 Cumulative Update 11 15.02.0986.014",
              "product_id": "11957"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Exchange Server 2019 Cumulative Update 11"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-42321",
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "Please see Exchange Blog regarding the details of this Exchange release.",
          "title": "Where can I find more information about this vulnerability?"
        },
        {
          "category": "faq",
          "text": "Yes, the attacker must be authenticated.",
          "title": "According to the CVSS metric, privileges required is low (PR:L). Does the attacker need to be in an authenticated role on the Exchange Server?"
        }
      ],
      "product_status": {
        "fixed": [
          "11906",
          "11908",
          "11956",
          "11957"
        ],
        "known_affected": [
          "1",
          "2",
          "3",
          "4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-42321 Microsoft Exchange Server Remote Code Execution Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321"
        },
        {
          "category": "self",
          "summary": "CVE-2021-42321 Microsoft Exchange Server Remote Code Execution Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2021/msrc_cve-2021-42321.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-11-09T08:00:00.000Z",
          "details": "15.01.2308.020:Security Update:https://support.microsoft.com/help/5007409",
          "product_ids": [
            "4"
          ],
          "url": "https://support.microsoft.com/help/5007409"
        },
        {
          "category": "vendor_fix",
          "date": "2021-11-09T08:00:00.000Z",
          "details": "15.02.0792.019:Security Update:https://support.microsoft.com/help/5007409",
          "product_ids": [
            "3"
          ],
          "url": "https://support.microsoft.com/help/5007409"
        },
        {
          "category": "vendor_fix",
          "date": "2021-11-09T08:00:00.000Z",
          "details": "15.01.2375.017:Security Update:https://support.microsoft.com/help/5007409",
          "product_ids": [
            "2"
          ],
          "url": "https://support.microsoft.com/help/5007409"
        },
        {
          "category": "vendor_fix",
          "date": "2021-11-09T08:00:00.000Z",
          "details": "15.02.0986.014:Security Update:https://support.microsoft.com/help/5007409",
          "product_ids": [
            "1"
          ],
          "url": "https://support.microsoft.com/help/5007409"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 7.7,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Remote Code Execution"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected"
        }
      ],
      "title": "Microsoft Exchange Server Remote Code Execution Vulnerability"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-42321 (GCVE-0-2021-42321)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVintel KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Confirmed Compromise Confidence: 70% Source: kevintel

Details

References

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature