Multiple vulnerabilities in Microsoft Exchange Server

Описание

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Exchange Server can be exploited remotely to execute arbitrary code.
2. A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to spoof user interface.
3. A security feature bypass vulnerability in Microsoft Exchange Server can be exploited remotely to bypass security restrictions.

Первичный источник обнаружения

• CVE-2021-31198
  CVE-2021-31209
  CVE-2021-31207
  CVE-2021-31195
  

Эксплуатация

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Exploit.Win32.ProxyShell/

Связанные продукты

• Microsoft-Exchange-Server

Список CVE

• CVE-2021-31198
  high
• CVE-2021-31209
  high
• CVE-2021-31207
  high
• CVE-2021-31195
  high

Список KB

• 5003435

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com