| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2021-26412 | Microsoft Exchange Server Remote Code Execution Vulnerability | Microsoft Exchange Server 2019 | Critical | 17-03-2021 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability in Microsoft Exchange Servers which Microsoft patched as a part of out-of-band security updates. An attacker who successfully exploited the vulnerability could execute arbitrary code in the context of the logged on user. There have been reports of this vulnerability getting exploited in the wild.
Further information on this vulnerability is available at : CVE-2021-26412
Affected Software
Microsoft Exchange Server 2013 Cumulative Update 23Microsoft Exchange Server 2019 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 18
Microsoft Exchange Server 2016 Cumulative Update 19
Microsoft Exchange Server 2019 Cumulative Update 8