Microsoft Exchange - Remote Code Execution (ProxyShell - CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)

Name: Microsoft Exchange - Remote Code Execution (ProxyShell - CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207)
Published: 2021-09-15T00:00:00.000Z

Severity

Vulnerability description: Not available
Risk description: Not available
Exploit capabilities: Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
Recommendation: Not available
References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34523 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31207
Codename: ProxyShell

Detectable with: Network Scanner
Scan engine: Sniper
Exploitable with Sniper: Yes
CVE Published: Aug 1, 2021
Detection added at: Sep 15, 2021
Software Type: Email server
Vendor: Microsoft
Product: Exchange Server

Detect this vulnerability now!

Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.

Compare paid plans Free access