CVE-2021-33766

Summary

Microsoft Exchange Server Information Disclosure Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 915.02.0 < 15.02.0858.010affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2015.01.0 < 15.01.2242.008affected
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 2315.00.0 < 15.00.1497.015affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 1915.01.0 < 15.01.2176.012affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 815.02.0 < 15.02.0792.013affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: partial

Additional References

References