CVE-2021-31196

Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 915.02.0 < 15.02.0858.015affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2015.01.0 < 15.01.2242.012affected
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 2315.00.0 < 15.00.1497.023affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2115.01.0 < 15.01.2308.014affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1015.02.0 < 15.02.0922.013affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References