CVE-2021-31196 (GCVE-0-2021-31196)
Vulnerability from cvelistv5 – Published: 2021-07-14 17:53 – Updated: 2026-01-12 21:08Title
Microsoft Exchange Server Remote Code Execution Vulnerability
Summary
Microsoft Exchange Server Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Remote Code Execution
- CWE-noinfo Not enough information
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 9 |
Affected:
15.02.0 , < 15.02.0858.015
(custom)
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:* |
|
| Microsoft | Microsoft Exchange Server 2016 Cumulative Update 20 |
Affected:
15.01.0 , < 15.01.2242.012
(custom)
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:* |
|
| Microsoft | Microsoft Exchange Server 2013 Cumulative Update 23 |
Affected:
15.00.0 , < 15.00.1497.023
(custom)
cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* |
|
| Microsoft | Microsoft Exchange Server 2016 Cumulative Update 21 |
Affected:
15.01.0 , < 15.01.2308.014
(custom)
cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:* |
|
| Microsoft | Microsoft Exchange Server 2019 Cumulative Update 10 |
Affected:
15.02.0 , < 15.02.0922.013
(custom)
cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:* |
Date Public
2021-07-13 07:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: b0761058-0071-40eb-b71d-8cfad0debfbb
Exploited: Yes
Timestamps
First Seen: 2024-08-21
Asserted: 2024-08-21
Scope
Notes: KEV entry: Microsoft Exchange Server Information Disclosure Vulnerability | Affected: Microsoft / Exchange Server | Description: Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-09-11 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-31196; https://nvd.nist.gov/vuln/detail/CVE-2021-31196
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Exchange Server |
| Due Date | 2024-09-11 |
| Date Added | 2024-08-21 |
| Vendorproject | Microsoft |
| Vulnerabilityname | Microsoft Exchange Server Information Disclosure Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 12:26 UTC
| Updated: 2026-02-06 07:17 UTC
KEVintel KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 17d42756-31ab-4832-9202-213eabf66db0
Exploited: Yes
Timestamps
First Seen: 2024-08-21
Asserted: 2024-08-21
Scope
Notes: KEVIntel entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10 | CVSS: 7.2 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: False
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | Microsoft Exchange Server Remote Code Execution Vulnerability |
| Vendor | Microsoft |
| Product | Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10 |
| Added Date | 2024-08-21T00:00:00.000Z |
| Cvss Score | 7.2 |
| Epss Score | None |
| Cvss Severity | HIGH |
| Epss Percentile | None |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
Created: 2026-06-19 12:46 UTC
| Updated: 2026-06-19 12:46 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"dateAdded": "2024-08-21",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31196"
},
"type": "kev"
}
},
{
"other": {
"content": {
"id": "CVE-2021-31196",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T16:51:30.730018Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T21:08:51.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31196"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2019 Cumulative Update 9",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.02.0858.015",
"status": "affected",
"version": "15.02.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2016 Cumulative Update 20",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.01.2242.012",
"status": "affected",
"version": "15.01.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2013 Cumulative Update 23",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.00.1497.023",
"status": "affected",
"version": "15.00.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2016 Cumulative Update 21",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.01.2308.014",
"status": "affected",
"version": "15.01.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Exchange Server 2019 Cumulative Update 10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.02.0922.013",
"status": "affected",
"version": "15.02.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-07-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T22:36:18.850Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196"
}
],
"title": "Microsoft Exchange Server Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-31196",
"datePublished": "2021-07-14T17:53:12.000Z",
"dateReserved": "2021-04-14T00:00:00.000Z",
"dateUpdated": "2026-01-12T21:08:51.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2021-31196",
"dateAdded": "2024-08-21",
"dueDate": "2024-09-11",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-31196; https://nvd.nist.gov/vuln/detail/CVE-2021-31196",
"product": "Exchange Server",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.",
"vendorProject": "Microsoft",
"vulnerabilityName": "Microsoft Exchange Server Information Disclosure Vulnerability"
},
"epss": {
"cve": "CVE-2021-31196",
"date": "2026-06-20",
"epss": "0.4638",
"percentile": "0.98664"
},
"fkie_nvd": {
"cisaActionDue": "2024-09-11",
"cisaExploitAdd": "2024-08-21",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Microsoft Exchange Server Information Disclosure Vulnerability",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA166F2A-D83B-4D50-AD0B-668D813E0585\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*\", \"matchCriteriaId\": \"19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BE427A4-B0C2-4064-8234-29426325C348\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4185347-EEDD-4239-9AB3-410E2EC89D2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"71CDF29B-116B-4DE2-AFD0-B62477FF0AEB\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Ejecuci\\u00f3n de C\\u00f3digo Remota de Microsoft Exchange Server. . Este ID de CVE es diferente de CVE-2021-31206, CVE-2021-34473\"}]",
"id": "CVE-2021-31196",
"lastModified": "2024-11-21T06:05:17.070",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secure@microsoft.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-07-14T18:15:09.463",
"references": "[{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-31196\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2021-07-14T18:15:09.463\",\"lastModified\":\"2025-10-29T16:47:30.210\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Exchange Server Remote Code Execution Vulnerability\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de Microsoft Exchange Server. . Este ID de CVE es diferente de CVE-2021-31206, CVE-2021-34473\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2024-08-21\",\"cisaActionDue\":\"2024-09-11\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft Exchange Server Information Disclosure Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA166F2A-D83B-4D50-AD0B-668D813E0585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*\",\"matchCriteriaId\":\"19C1EE0C-B8DD-4B91-BE4B-1C42D72FB718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE427A4-B0C2-4064-8234-29426325C348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4185347-EEDD-4239-9AB3-410E2EC89D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"71CDF29B-116B-4DE2-AFD0-B62477FF0AEB\"}]}]}],\"references\":[{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31196\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T22:55:53.341Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-08-21\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31196\"}}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-31196\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-28T16:51:30.730018Z\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31196\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-28T16:52:19.172Z\"}}], \"cna\": {\"title\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_9:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 9\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.0858.015\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_20:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 20\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.01.0\", \"lessThan\": \"15.01.2242.012\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2013 Cumulative Update 23\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.00.0\", \"lessThan\": \"15.00.1497.023\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_21:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2016 Cumulative Update 21\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.01.0\", \"lessThan\": \"15.01.2308.014\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"cpes\": [\"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_10:*:*:*:*:*:*\"], \"vendor\": \"Microsoft\", \"product\": \"Microsoft Exchange Server 2019 Cumulative Update 10\", \"versions\": [{\"status\": \"affected\", \"version\": \"15.02.0\", \"lessThan\": \"15.02.0922.013\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2021-07-13T07:00:00.000Z\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31196\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Microsoft Exchange Server Remote Code Execution Vulnerability\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"Impact\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2023-12-28T22:36:18.850Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-31196\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-12T21:08:51.522Z\", \"dateReserved\": \"2021-04-14T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2021-07-14T17:53:12.000Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…