Alias Description | Votes |
---|---|
Proxyshell is a possible alias for CVE-2021-34473. ProxyShell is a vulnerability that affects Microsoft Exchange email servers, posing a significant risk to organizations worldwide. This flaw in software design or implementation allows attackers to exploit the system and gain unauthorized access. Since early 2021, Iranian government-sponsored APT ac | 8 |
Alias Description | Association Type | Votes |
---|---|---|
The Hive Malware is associated with CVE-2021-34473. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT40 Threat Actor is associated with CVE-2021-34473. APT40, a threat actor attributed to China, is a cyber espionage group that primarily targets countries of strategic importance to the Belt and Road Initiative. The group is known for its use of a variety of attack vectors, notably spear-phishing emails posing as individuals likely to be of interest | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2021-31207 Vulnerability is associated with CVE-2021-34473. CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a | Unspecified | 5 |
The vulnerability CVE-2021-34523 is associated with CVE-2021-34473. | Unspecified | 3 |
The Proxylogon Vulnerability is associated with CVE-2021-34473. ProxyLogon is a serious software vulnerability, specifically an exploit chain in Microsoft Exchange Server. The chain includes CVE-2021-26855, a server-side request forgery (SSRF) vulnerability that allows attackers to bypass authentication and impersonate users, along with other vulnerabilities suc | Unspecified | 3 |
The CVE-2021-44228 Vulnerability is associated with CVE-2021-34473. CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted | Unspecified | 3 |
The Follina Vulnerability is associated with CVE-2021-34473. Follina (CVE-2022-30190) is a software vulnerability that was discovered and exploited in the first half of 2022. It was weaponized by TA413, a malicious entity known for its cyber attacks, shortly after its discovery and publication. The vulnerability was used to target the Sophos Firewall product, | Unspecified | 2 |
The Log4Shell Vulnerability is associated with CVE-2021-34473. Log4Shell is a significant software vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105) that exists in the Log4j Java-based logging utility. It was exploited by various Advanced Persistent Threat (APT) actors, including LockBit affiliates and GOLD MELODY (UNC961), to gain unauthorized | Unspecified | 2 |
The Proxyshell Cve-2021-34473 Vulnerability is associated with CVE-2021-34473. ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) is a set of three chained vulnerabilities that perform unauthenticated remote code execution (RCE) in Microsoft Exchange. Identified as a significant flaw in software design or implementation, it allows unauthorized users to execute arbitra | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
CISA | a month ago | ||
InfoSecurity-magazine | 3 months ago | ||
Securelist | 4 months ago | ||
Securityaffairs | 5 months ago | ||
CISA | 5 months ago | ||
BankInfoSecurity | 7 months ago | ||
Unit42 | 7 months ago | ||
Securityaffairs | 7 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | a year ago | ||
MITRE | a year ago | ||
MITRE | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
Trend Micro | a year ago | ||
DARKReading | a year ago |