CVE-2021-31195

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 1915.01.0 < 15.01.2176.014affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 815.02.0 < 15.02.0792.015affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 915.02.0 < 15.02.0858.012affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2015.01.0 < 15.01.2242.010affected
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 2315.00.0 < 15.00.1497.018affected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References