CVE-2021-34470

Summary

Microsoft Exchange Server Elevation of Privilege Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 2315.00.0 < 15.00.1497.023affected
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1015.02.0 < 15.02.0922.007affected
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2115.01.0 < 15.01.2308.008affected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References