Scaner-VS
BDU:2021-01123
BDU
Critical · Confirmed · Exploit available


CVSS
9.8
Critical
EPSS
0.00
p0
Published
2021-01-01
Updated
2021-01-01
Description

A vulnerability in the Microsoft Exchange Server mail server is caused by insufficient validation of incoming requests. Exploitation of the vulnerability may allow a remote attacker to carry out an SSRF attack using specially crafted HTTPS requests (containing malicious X-AnonResource-Backend cookies and malformed X-BEResource cookies).

Tags · CWE
Pre-auth
Affected products
Microsoft Corp · Microsoft Exchange Server
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2021-01-01
Published
2021-01-01
Updated
CVSS 3.1 breakdown
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality Impact (C): High (H)
Integrity Impact (I): High (H)
Availability Impact (A): High (H)
Exploit indicators
EPSS
0.000 · p0
Known exploited (KEV)
No
Known exploits · Scaner-VS
BDU:2021-01123
bdu_exploit · https://bdu.fstec.ru/vul
Enterprise
49637
exploitdb · https://www.exploit-db.com/exploits/49637
Enterprise
49663
exploitdb · https://www.exploit-db.com/exploits/49663
Enterprise
49879
exploitdb · https://www.exploit-db.com/exploits/49879
Enterprise
49895
exploitdb · https://www.exploit-db.com/exploits/49895
Enterprise
CVE-2021-26855
github-poc · https://github.com/SimoesCTT/CTT-Exchange-RCE-v1.0---Microsoft-Exchange-Exploit-CVSS-10.0-CRITICAL-CVE-2021-26855-CVE-2021-27065
Enterprise
Affected software
Product · Vendor · Status
Microsoft Exchange Server · Microsoft Corp · Tracked