CVE-2021-34523

Vulnerability updated 7 months ago (2024-05-04T17:33:27.550Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2021-34523 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Microsoft

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Hive Malware is associated with CVE-2021-34523. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag	Unspecified	2

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The APT40 Threat Actor is associated with CVE-2021-34523. APT40, a threat actor attributed to China, is a cyber espionage group that primarily targets countries of strategic importance to the Belt and Road Initiative. The group is known for its use of a variety of attack vectors, notably spear-phishing emails posing as individuals likely to be of interest	Unspecified	2

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The Proxyshell Vulnerability is associated with CVE-2021-34523. ProxyShell is a vulnerability that affects Microsoft Exchange email servers, posing a significant risk to organizations worldwide. This flaw in software design or implementation allows attackers to exploit the system and gain unauthorized access. Since early 2021, Iranian government-sponsored APT ac	Unspecified	6
The CVE-2021-31207 Vulnerability is associated with CVE-2021-34523. CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a	Unspecified	3
The CVE-2021-34473 Vulnerability is associated with CVE-2021-34523. CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to	Unspecified	3
The Proxylogon Vulnerability is associated with CVE-2021-34523. ProxyLogon is a significant software vulnerability that was discovered in Microsoft Exchange Server. It is part of an exploit chain, including CVE-2021-26855, which is a server-side request forgery (SSRF) vulnerability. This flaw allows attackers to bypass authentication mechanisms and impersonate u	Unspecified	2
The Proxyshell Cve-2021-34473 Vulnerability is associated with CVE-2021-34523. ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) is a set of three chained vulnerabilities that perform unauthenticated remote code execution (RCE) in Microsoft Exchange. Identified as a significant flaw in software design or implementation, it allows unauthorized users to execute arbitra	Unspecified	2
The CVE-2021-44228 Vulnerability is associated with CVE-2021-34523. CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted	Unspecified	2
The Log4Shell Vulnerability is associated with CVE-2021-34523. Log4Shell is a significant software vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105) that exists in the Log4j Java-based logging utility. It was exploited by various Advanced Persistent Threat (APT) actors, including LockBit affiliates and GOLD MELODY (UNC961), to gain unauthorized	Unspecified	2

Source Document References

Information about the CVE-2021-34523 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
InfoSecurity-magazine	2 months ago	14 Million Patients Impacted by US Healthcare Data Breaches in 2024
Securelist	3 months ago	New malicious web shell from the Tropic Trooper group is found in the Middle East
Securityaffairs	4 months ago	Cybersecurity agencies warn of China-linked APT40 's capabilities
CISA	4 months ago	People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action \| CISA
Securityaffairs	6 months ago	A malware campaign exploits Microsoft Exchange Server flaws
CERT-EU	10 months ago	ProxyShell-targeting Babuk Tortilla ransomware decrypted after hacker’s arrest \| #ransomware \| #cybercrime \| National Cyber Security Consulting
MITRE	a year ago	RaaS AvosLocker Incident Response Analysis
MITRE	a year ago	Ransomware Spotlight: AvosLocker
CERT-EU	a year ago	GitHub - kh4sh3i/ProxyShell: CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability
SecurityIntelligence.com	a year ago	X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021
CERT-EU	a year ago	What we know about BlackCat and the MGM hack
Securityaffairs	a year ago	Earth Lusca expands its arsenal with SprySOCKS Linux malware
Trend Micro	a year ago	Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
CERT-EU	a year ago	From Caribbean shores to your devices: analyzing Cuba ransomware – GIXtools
Securelist	a year ago	Analysis of Cuba ransomware gang activity and tooling
CERT-EU	a year ago	Qualys Top 20 Exploited Vulnerabilities \| Qualys Security Blog
Malwarebytes	a year ago	2022's most routinely exploited vulnerabilities—history repeats
CERT-EU	a year ago	Unmasking the top exploited vulnerabilities of 2022 – GIXtools
CERT-EU	a year ago	Five Eyes intelligence agencies discloses the 12 top-exploited vulnerabilities of 2022
BankInfoSecurity	a year ago	Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List