First published: Tue Jul 13 2021(Updated: )
Microsoft Exchange Information Disclosure Vulnerability
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Exchange | ||
Microsoft Exchange Server 2016 | =19 | |
Microsoft Exchange Server 2013 | =23 | |
Microsoft Exchange Server 2019 | =8 | |
Microsoft Exchange Server 2019 | =9 | |
Microsoft Exchange Server 2016 | =20 | |
Microsoft Exchange Server | =2013-cumulative_update_23 | |
Microsoft Exchange Server | =2016-cumulative_update_19 | |
Microsoft Exchange Server | =2016-cumulative_update_20 | |
Microsoft Exchange Server | =2019-cumulative_update_8 | |
Microsoft Exchange Server | =2019-cumulative_update_9 | |
Microsoft Exchange Server | ||
=2013-cumulative_update_23 | ||
=2016-cumulative_update_19 | ||
=2016-cumulative_update_20 | ||
=2019-cumulative_update_8 | ||
=2019-cumulative_update_9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-33766 is a vulnerability that allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange Server.
CVE-2021-33766 has a severity rating of 7.5, which is considered high.
Microsoft Exchange Server 2013, 2016, and 2019 are affected by CVE-2021-33766.
No, authentication is not required to exploit CVE-2021-33766.
To fix CVE-2021-33766, apply the relevant patches provided by Microsoft or follow the recommended remediation steps available on their support website.