Microsoft CVE-2021-26855: Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)
Description
There exists a server-side request forgery (SSRF) vulnerability in Exchange which allows the attacker to send arbitrary HTTP requests and authenticate as the Exchange server.
Solution(s)
msft-kb5000871-2dbdda16-f1ba-4b6a-891c-f92d6c05647cmsft-kb5000871-30386cf9-1373-4798-90b7-056d667875b3msft-kb5000871-3ef89683-3703-4a5d-b855-38579ba99a85msft-kb5000871-c6ed44ca-634b-4b5c-91ba-12232d8ec98emsft-kb5000871-dbbef9bc-f60b-4ee9-9d7d-22899fe76e70
Referenceshttps://attackerkb.com/topics/cve-2021-26855CVE - 2021-268555000871https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/