← Back

CVE-2021-34473

nvd nistnuclei
Published: Jul 14, 2021Modified: Oct 29, 2025CISA KEV

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD (Secondary)

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

Affected (5)

Microsoft
1 product
Exchange Server
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Exchange Server
Version 2013 cumulative_update_23
Exchange Server
Version 2016 cumulative_update_19
Exchange Server
Version 2016 cumulative_update_20
Exchange Server
Version 2019 cumulative_update_8
Exchange Server
Version 2019 cumulative_update_9

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (7)

Source: secure@microsoft.com
ExploitThird Party AdvisoryVDB Entry
Source: secure@microsoft.com
PatchVendor Advisory
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.