First published: Tue May 11 2021(Updated: )
Microsoft Exchange Server Spoofing Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Exchange Server | =2013-cumulative_update_23 | |
Microsoft Exchange Server | =2016-cumulative_update_19 | |
Microsoft Exchange Server | =2016-cumulative_update_20 | |
Microsoft Exchange Server | =2019-cumulative_update_8 | |
Microsoft Exchange Server | =2019-cumulative_update_9 | |
Microsoft Exchange Server 2016 | =19 | |
Microsoft Exchange Server 2019 | =8 | |
Microsoft Exchange Server 2013 | =23 | |
Microsoft Exchange Server 2016 | =20 | |
Microsoft Exchange Server 2019 | =9 | |
Microsoft Exchange |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-31209 is a vulnerability in Microsoft Exchange Server that allows network-adjacent attackers to tamper with update data.
CVE-2021-31209 has a severity rating of 6.5, which is considered high.
The affected software for CVE-2021-31209 includes Microsoft Exchange Server 2013, 2016, and 2019.
To fix CVE-2021-31209, apply the relevant patches or updates provided by Microsoft for your specific version of Exchange Server.
You can find more information about CVE-2021-31209 on the Microsoft Security Response Center (MSRC) website and the Zero Day Initiative (ZDI) advisory.