First published: Tue May 11 2021(Updated: )
Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Exchange Server 2016 | =19 | |
Microsoft Exchange Server 2013 | =23 | |
Microsoft Exchange Server 2019 | =9 | |
Microsoft Exchange Server 2019 | =8 | |
Microsoft Exchange Server 2016 | =20 | |
Microsoft Exchange Server | =2013-cumulative_update_23 | |
Microsoft Exchange Server | =2016-cumulative_update_19 | |
Microsoft Exchange Server | =2016-cumulative_update_20 | |
Microsoft Exchange Server | =2019-cumulative_update_8 | |
Microsoft Exchange Server | =2019-cumulative_update_9 | |
Microsoft Exchange | ||
Microsoft Exchange Server | ||
=2013-cumulative_update_23 | ||
=2016-cumulative_update_19 | ||
=2016-cumulative_update_20 | ||
=2019-cumulative_update_8 | ||
=2019-cumulative_update_9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-31207 is a security feature bypass vulnerability in Microsoft Exchange Server.
CVE-2021-31207 allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server.
CVE-2021-31207 has a severity rating of 8.8, which is classified as high severity.
Microsoft Exchange Server 2013 (cumulative update 23), 2016 (cumulative update 19 and 20), and 2019 (cumulative update 8 and 9) are affected by CVE-2021-31207.
CVE-2021-31207 allows bypassing the existing authentication mechanism.