CVE-2021-26855

Microsoft Exchange Server Remote Code Execution Vulnerability

Severity Score

9.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

Microsoft Exchange Server Remote Code Execution Vulnerability

Una Vulnerabilidad de Ejecución de código remota de Microsoft Exchange Server. Este ID de CVE es diferente de CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078

Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution. This vulnerability is part of the ProxyLogon exploit chain.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Yes

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2021-02-08 CVE Reserved
2021-03-02 CVE Published
2021-03-06 First Exploit
2021-04-16 KEV Due Date
2021-11-03 Exploited in Wild
2025-02-04 CVE Updated
2025-03-29 EPSS Updated

CWE

CWE-918: Server-Side Request Forgery (SSRF)

CAPEC

References (64)

URL	Tag	Source
https://proxylogon.com
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server

URL	Date	SRC
https://packetstorm.news/files/id/181115	2024-09-01
https://packetstorm.news/files/id/180640	2024-08-31
https://packetstorm.news/files/id/162736	2021-05-21
https://packetstorm.news/files/id/161846	2021-03-18
https://packetstorm.news/files/id/161938	2021-03-23
https://packetstorm.news/files/id/162610	2021-05-18
https://www.exploit-db.com/exploits/49663	2021-03-14
https://www.exploit-db.com/exploits/49637	2021-03-11
https://www.exploit-db.com/exploits/49879	2021-05-18
https://www.exploit-db.com/exploits/49895	2021-05-21
https://github.com/h4x0r-dz/CVE-2021-26855	2021-03-09
https://github.com/hackerxj007/CVE-2021-26855	2021-03-08
https://github.com/hackerschoice/CVE-2021-26855	2021-03-11
https://github.com/ZephrFish/Exch-CVE-2021-26855	2021-03-15
https://github.com/srvaccount/CVE-2021-26855-PoC	2021-03-09
https://github.com/pussycat0x/CVE-2021-26855-SSRF	2021-03-10
https://github.com/raheel0x01/CVE-2021-26855	2024-01-01
https://github.com/mil1200/ProxyLogon-CVE-2021-26855	2021-03-14
https://github.com/Mr-xn/CVE-2021-26855-d	2021-03-15
https://github.com/La3B0z/CVE-2021-26855-SSRF-Exchange	2021-03-06
https://github.com/catmandx/CVE-2021-26855-Exchange-RCE	2021-03-18
https://github.com/shacojx/CVE-2021-26855-exploit-Exchange	2021-04-05
https://github.com/shacojx/Scan-Vuln-CVE-2021-26855	2021-04-05
https://github.com/TaroballzChen/ProxyLogon-CVE-2021-26855-metasploit	2021-03-17
https://github.com/KotSec/CVE-2021-26855-Scanner	2021-03-12
https://github.com/hictf/CVE-2021-26855-CVE-2021-27065	2021-03-23
https://github.com/glen-pearson/ProxyLogon-CVE-2021-26855	2024-06-28
https://github.com/sgnls/exchange-0days-202103	2022-11-25
https://github.com/soteria-security/HAFNIUM-IOC	2023-08-03
https://github.com/cert-lv/exchange_webshell_detection	2024-07-29
https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855	2024-11-01
https://github.com/mekhalleh/exchange_proxylogon	2021-09-12
https://github.com/Yt1g3r/CVE-2021-26855_SSRF	2024-08-12
https://github.com/dwisiswant0/proxylogscan	2024-11-16
https://github.com/mauricelambert/ExchangeWeaknessTest	2021-03-09
https://github.com/DCScoder/Exchange_IOC_Hunter	2021-03-17
https://github.com/alt3kx/CVE-2021-26855_PoC	2024-08-25
https://github.com/r0xdeadbeef/CVE-2021-26855	2024-08-12
https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day	2021-04-19
https://github.com/hakivvi/proxylogon	2024-09-06
https://github.com/evilashz/ExchangeSSRFtoRCEExploit	2024-08-12
https://github.com/RickGeex/ProxyLogon	2024-09-24
https://github.com/Immersive-Labs-Sec/ProxyLogon	2021-03-24
https://github.com/p0wershe11/ProxyLogon	2024-12-05
https://github.com/praetorian-inc/proxylogon-exploit	2024-08-12
https://github.com/Flangvik/SharpProxyLogon	2024-11-27
https://github.com/hosch3n/ProxyVulns	2024-12-03
https://github.com/Nick-Yin12/106362522	2021-04-19
https://github.com/yaoxiaoangry3/Flangvik	2021-10-30
https://github.com/thau0x01/poc_proxylogon	2024-02-29
https://github.com/1342486672/Flangvik	2022-06-07
https://github.com/TheDudeD6/ExchangeSmash	2022-06-24
https://github.com/kh4sh3i/ProxyLogon	2024-10-10
https://github.com/ssrsec/Microsoft-Exchange-RCE	2023-02-03
https://github.com/MacAsure/cve-2021-26855	2023-04-25
https://github.com/timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txt	2024-01-04
https://github.com/ShyTangerine/cve-2021-26855	2023-04-25
http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html	2025-02-04
http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html	2025-02-04
http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html	2025-02-04
http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html	2025-02-04

URL	Date	SRC
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855	2024-02-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2013 Search vendor "Microsoft" for product "Exchange Server" and version "2013"		cumulative_update_21		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2013 Search vendor "Microsoft" for product "Exchange Server" and version "2013"		cumulative_update_22		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2013 Search vendor "Microsoft" for product "Exchange Server" and version "2013"		cumulative_update_23		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_10		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_11		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_12		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_13		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_14		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_15		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_16		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_17		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_18		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_19		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_8		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2016 Search vendor "Microsoft" for product "Exchange Server" and version "2016"		cumulative_update_9		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		-		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_1		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_2		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_3		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_4		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_5		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_6		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_7		Affected
Microsoft Search vendor "Microsoft"		Exchange Server Search vendor "Microsoft" for product "Exchange Server"				2019 Search vendor "Microsoft" for product "Exchange Server" and version "2019"		cumulative_update_8		Affected