Microsoft Exchange - Remote Code Execution (ProxyNotFound - CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483)
- CVSSv3 Score
- Vulnerability description
Microsoft Exchange is vulnerable to the ProxyNotFound attack chain, a Remote Code Execution vulnerability, affecting the ecp endpoint, that can be used by an unauthenticated malicious attacker to execute commands on the server. CVE-2021-28480 and CVE-28481 are pre-authentication vulnerabilities, and CVE-2021-28482 and CVE-28483 are post-authgentication vulnerabilities.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the Exchange server in order to steal confidential information, install ransomware or pivot to the internal network.
Upgrade the Exchange server to the latest version or to the following cumulative updates: Microsoft Exchange Server 2019 - Cumulative Update 9 Microsoft Exchange Server 2019 - Cumulative Update 8 Microsoft Exchange Server 2016 - Cumulative Update 20 Microsoft Exchange Server 2016 - Cumulative Update 19 Microsoft Exchange Server 2013 - Cumulative Update 23