CVE-2021-26857

Vulnerability updated 4 months ago (2024-05-04T20:10:11.839Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2021-26857 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.

ID	Votes	Profile Description
Proxylogon	2	ProxyLogon is a significant software vulnerability, specifically a server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server. Identified as CVE-2021-26855, it forms part of the ProxyLogon exploit chain and allows attackers to bypass authentication mechanisms and impersonate users

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

ID	Type	Votes	Profile Description
CVE-2021-26855	Unspecified	2	CVE-2021-26855 is a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange servers, particularly versions 2013, 2016, and 2019. This flaw in software design or implementation was exploited by attackers to gain initial access to the email servers and drop an ASPX webshell on

Source Document References

Information about the CVE-2021-26857 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
MITRE	9 months ago	Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 \| Microsoft Security Blog
MITRE	9 months ago	Analyzing Attacker Behavior Post-Exploitation of MS Exchange \| Rapid7 Blog
SecurityIntelligence.com	10 months ago	X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021
CERT-EU	a year ago	From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools
Securelist	a year ago	Analysis of Cuba ransomware gang activity and tooling
CISA	a year ago	2022 Top Routinely Exploited Vulnerabilities \| CISA
CERT-EU	a year ago	Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards
MITRE	2 years ago	HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security Blog
MITRE	2 years ago	Exchange servers under siege from at least 10 APT groups \| WeLiveSecurity
MITRE	2 years ago	Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
CISA	2 years ago	Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization \| CISA
CISA	2 years ago	Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA
GovCERT CH	2 years ago	Exchange Vulnerability 2021
CISA	2 years ago	Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization \| CISA
CISA	2 years ago	Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA
CERT-EU	a year ago	A Mere Five Percent of Vulnerable Enterprises Fix Their Issues Every Month: How to Help Them Do Better? \| Bitsight
CERT-EU	a year ago	Cybersecurity threatscape: year 2021 in review