CVE-2021-26858

Vulnerability updated 7 months ago (2024-05-04T19:50:54.913Z)
Download STIX
Preview STIX
Not enough context has been learned about CVE-2021-26858 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation
Description last updated:
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Proxylogon is a possible alias for CVE-2021-26858. ProxyLogon is a significant software vulnerability that was discovered in Microsoft Exchange Server. It is part of an exploit chain, including CVE-2021-26855, which is a server-side request forgery (SSRF) vulnerability. This flaw allows attackers to bypass authentication mechanisms and impersonate u
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Microsoft
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The CVE-2021-26855 Vulnerability is associated with CVE-2021-26858. CVE-2021-26855 is a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange servers, particularly versions 2013, 2016, and 2019. This flaw in software design or implementation was exploited by attackers to gain initial access to the email servers and drop an ASPX webshell on Unspecified
2
Source Document References
Information about the CVE-2021-26858 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
DARKReading
a month ago
Trend Micro
a month ago
InfoSecurity-magazine
2 months ago
MITRE
a year ago
MITRE
a year ago
CERT-EU
a year ago
Securelist
a year ago
CISA
a year ago
MITRE
2 years ago
MITRE
2 years ago
MITRE
2 years ago
CISA
2 years ago
CISA
2 years ago
GovCERT CH
2 years ago
CISA
2 years ago
CISA
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago