CVE-2021-27065

Vulnerability updated 7 months ago (2024-05-04T20:39:42.704Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2021-27065 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Proxylogon is a possible alias for CVE-2021-27065. ProxyLogon is a significant software vulnerability that was discovered in Microsoft Exchange Server. It is part of an exploit chain, including CVE-2021-26855, which is a server-side request forgery (SSRF) vulnerability. This flaw allows attackers to bypass authentication mechanisms and impersonate u	3

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The CVE-2021-26855 Vulnerability is associated with CVE-2021-27065. CVE-2021-26855 is a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange servers, particularly versions 2013, 2016, and 2019. This flaw in software design or implementation was exploited by attackers to gain initial access to the email servers and drop an ASPX webshell on	Unspecified	2

Source Document References

Information about the CVE-2021-27065 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	a month ago	'Prometei' Botnet Spreads its Cryptojacker Worldwide
Trend Micro	a month ago	Unmasking Prometei A Deep Dive Into Our MXDR Findings
InfoSecurity-magazine	2 months ago	14 Million Patients Impacted by US Healthcare Data Breaches in 2024
MITRE	a year ago	Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 \| Microsoft Security Blog
MITRE	a year ago	Analyzing Attacker Behavior Post-Exploitation of MS Exchange \| Rapid7 Blog
MITRE	a year ago	An In-Depth Look at Black Basta Ransomware
CERT-EU	a year ago	Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
CERT-EU	a year ago	Sensor Intel Series: Top CVEs in October 2023
CERT-EU	a year ago	Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs
CERT-EU	a year ago	From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools
Securelist	a year ago	Analysis of Cuba ransomware gang activity and tooling
CISA	a year ago	2022 Top Routinely Exploited Vulnerabilities \| CISA
CERT-EU	a year ago	Sensor Intel Series: Top CVEs in May 2023
MITRE	2 years ago	Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
MITRE	2 years ago	HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security Blog
MITRE	2 years ago	Exchange servers under siege from at least 10 APT groups \| WeLiveSecurity
MITRE	2 years ago	Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
CISA	2 years ago	Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization \| CISA
CISA	2 years ago	Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA
GovCERT CH	2 years ago	Exchange Vulnerability 2021