CVE Details for CVE: CVE-2021-26412
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
Timestamps
Last major update 29-12-2023 - 17:15
Published 03-03-2021 - 00:15
Last modified 29-12-2023 - 17:15
Vulnerable Configurations
  • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*
    cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CVSS
Base
6.5
Impact
6.4
Exploitability
8.0
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
CVSS3
Base
9.1
Impact
6.0
Exploitability
2.3
Access
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK HIGH CHANGED NONE
Impact
ConfidentialityIntegrityAvailability
HIGH HIGH HIGH
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3-vector via4
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H