CVE-2021-27065

Vulnerability updated 4 months ago (2024-05-04T20:39:42.704Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2021-27065 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

ID	Type	Votes	Profile Description
CVE-2021-26855	Unspecified	2	CVE-2021-26855 is a zero-day server-side request forgery (SSRF) vulnerability in Microsoft Exchange servers, particularly versions 2013, 2016, and 2019. This flaw in software design or implementation was exploited by attackers to gain initial access to the email servers and drop an ASPX webshell on

Source Document References

Information about the CVE-2021-27065 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
MITRE	9 months ago	Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 \| Microsoft Security Blog
MITRE	9 months ago	Analyzing Attacker Behavior Post-Exploitation of MS Exchange \| Rapid7 Blog
MITRE	9 months ago	An In-Depth Look at Black Basta Ransomware
CERT-EU	9 months ago	Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
CERT-EU	9 months ago	Sensor Intel Series: Top CVEs in October 2023
CERT-EU	a year ago	Sensor Intel Series: Top CVEs in August 2023 \| F5 Labs
CERT-EU	a year ago	From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools
Securelist	a year ago	Analysis of Cuba ransomware gang activity and tooling
CISA	a year ago	2022 Top Routinely Exploited Vulnerabilities \| CISA
CERT-EU	a year ago	Sensor Intel Series: Top CVEs in May 2023
MITRE	2 years ago	Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
MITRE	2 years ago	HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security Blog
MITRE	2 years ago	Exchange servers under siege from at least 10 APT groups \| WeLiveSecurity
MITRE	2 years ago	Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
CISA	2 years ago	Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization \| CISA
CISA	2 years ago	Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA
GovCERT CH	2 years ago	Exchange Vulnerability 2021
CISA	2 years ago	Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization \| CISA
CISA	2 years ago	Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors \| CISA
CERT-EU	a year ago	A Mere Five Percent of Vulnerable Enterprises Fix Their Issues Every Month: How to Help Them Do Better? \| Bitsight