Vulnerabilities > CVE-2021-34473 - Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server 2013/2016/2019
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Common Weakness Enumeration (CWE)
Related news
- At Least 30,000 Internet-Exposed Exchange Servers Vulnerable to ProxyShell Attacks (source)
- GitHub picks Friday 13th to kill off password-based Git authentication (source)
- Microsoft Exchange Under Attack With ProxyShell Flaws; Over 1900 Servers Hacked! (source)
- WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws (source)
- CISA warns admins to urgently patch Exchange ProxyShell bugs (source)
- WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws (source)
- Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns (source)
- New Incident Report Reveals How Hive Ransomware Targets Organizations (source)
- Hive ransomware affiliate zeros in on Exchange servers (source)
- Hackers scan for vulnerabilities within 15 minutes of disclosure (source)
- ProxyNotShell – the New Proxy Hell? (source)
- Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack (source)
- UK govt links 2021 Electoral Commission breach to Exchange server (source)