Main Vulnerability Database Exploits ID:6713 - Exploit for Permissions, Privileges, and Access Controls in Microsoft Exchange Server - CVE-2021-34523

ID:6713 - Exploit for Permissions, Privileges, and Access Controls in Microsoft Exchange Server - CVE-2021-34523

Published: September 7, 2021

Vulnerability identifier: #VU54704

Vulnerability risk: Low

CVE-ID: CVE-2021-34523

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
Microsoft Exchange Server

Link to public exploit:

https://github.com/horizon3ai/proxyshell

Vulnerability description

The vulnerability allows a remote local to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in the Microsoft Exchange Server, which leads to security restrictions bypass and privilege escalation.

Remediation

Install updates from vendor's website.

ID:6713 - Exploit for Permissions, Privileges, and Access Controls in Microsoft Exchange Server - CVE-2021-34523

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human