VDB

CNVD-2021-90307

CNVD-2021-90307 PUBLISHED CVSS 8.699999809265137 HIGH

Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。 Microsoft Exchange Server存在远程代码执行漏洞,攻击者可通过发送特制的恶意数据到服务器利用该漏洞在服务器上远程执行任意代码。

Risk Scores

CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1115.02.0
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2215.0.0
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1015.02.0
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 2115.01.0

Timeline

  • Aug 24, 2021 CVE Published
  • Nov 10, 2021 PoC Published
  • Nov 20, 2021 PoC Published
  • Nov 24, 2021 PoC Published
  • Aug 19, 2022 PoC Published
  • Dec 6, 2024 PoC Published
  • Dec 24, 2024 PoC Published
  • Feb 6, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 28, 2025 PoC Published
  • Sep 30, 2025 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›