CVSS: 7.8EPSS: 79%CPEs: 5EXPL: 0CVE-2021-26858 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26858
02 Mar 2021 — Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078 Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26858 •
CVSS: 9.8EPSS: 94%CPEs: 24EXPL: 61CVE-2021-26855 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26855
02 Mar 2021 — Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078 Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain. • https://packetstorm.news/files/id/181115 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 8%CPEs: 6EXPL: 1CVE-2021-26857 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26857
02 Mar 2021 — Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078 Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain. • https://github.com/sirpedrotavares/Proxylogon-exploit • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.2EPSS: 11%CPEs: 5EXPL: 0CVE-2021-26854 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26854
02 Mar 2021 — Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26854 •
CVSS: 9.1EPSS: 28%CPEs: 5EXPL: 0CVE-2021-26412 – Microsoft Exchange Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26412
02 Mar 2021 — Microsoft Exchange Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26412 •
CVSS: 5.8EPSS: 2%CPEs: 2EXPL: 0CVE-2021-1730 – Microsoft Exchange Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-1730
25 Feb 2021 — <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.</p> <p>This update addresses this vulnerability.</p> <p>To prevent these types of attacks, Microsoft recommends customers to download inline images from different DNSdomains than the rest of OWA. Please see further instructions in the FAQ to put in place this mitigations.</p> Una Vulnerabilidad de Suplantación de Identidad de Microsoft Exchange Server. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1730 •
CVSS: 6.5EPSS: 18%CPEs: 4EXPL: 2CVE-2021-24085 – Microsoft Exchange Server Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-24085
24 Feb 2021 — Microsoft Exchange Server Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Identidad de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-1730 Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account. • https://packetstorm.news/files/id/161528 •
CVSS: 9.1EPSS: 3%CPEs: 5EXPL: 0CVE-2020-17142 – Microsoft Exchange Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17142
09 Dec 2020 — Microsoft Exchange Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft Exchange Este ID de CVE es diferente de CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17144. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142 •
CVSS: 8.8EPSS: 82%CPEs: 5EXPL: 0CVE-2020-17143 – Microsoft Exchange Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-17143
09 Dec 2020 — Microsoft Exchange Server Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Exchange • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17143 •
CVSS: 8.4EPSS: 38%CPEs: 4EXPL: 0CVE-2020-17141 – Microsoft Exchange Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-17141
09 Dec 2020 — Microsoft Exchange Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft Exchange Este ID de CVE es diferente de CVE-2020-17117, CVE-2020-17132, CVE-2020-17142, CVE-2020-17144. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17141 •