CVE-2021-27065

Warning

Exploit

EPSS 94.29%
Published 03.03.2021 00:15:12
Last modified 07.03.2025 21:54:07
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected products Warnungen 1 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2013 Updatecumulative_update_21

Microsoft ≫ Exchange Server Version2013 Updatesp1

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_10

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_11

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_12

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_13

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_14

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_15

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_16

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_17

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_18

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_19

Microsoft ≫ Exchange Server Version2016 Updatecumulative_update_8

Microsoft ≫ Exchange Server Version2019 Update-

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_1

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_2

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_3

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_4

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_5

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_6

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_7

Microsoft ≫ Exchange Server Version2019 Updatecumulative_update_8

03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Exchange Server Remote Code Execution Vulnerability

Vulnerability

Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	94.29%	0.999

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
secure@microsoft.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html

Third Party Advisory

Exploit

VDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27065

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-27065

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-27065

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-27065

EUVD