<< Back
CVE Number Vulnerability Product Severity Date
CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability Microsoft Exchange Server 2019 Critical 17-03-2021

Technical Information

Brief overview of the risk:

This is a post authentication arbitrary file upload  vulnerability which on successful exploitation may allow an authenticated attacker to achieve remote code execution on the vulnerable Exchange Servers.

Further information on this vulnerability is available at : CVE-2021-27065

Affected Software

Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 14
Microsoft Exchange Server 2019 Cumulative Update 4
Microsoft Exchange Server 2016 Cumulative Update 15
Microsoft Exchange Server 2019 Cumulative Update 5
Microsoft Exchange Server 2019 Cumulative Update 6
Microsoft Exchange Server 2016 Cumulative Update 16
Microsoft Exchange Server 2019 Cumulative Update 7
Microsoft Exchange Server 2016 Cumulative Update 18
Microsoft Exchange Server 2016 Cumulative Update 19
Microsoft Exchange Server 2019 Cumulative Update 8