LAST UPDATED: 2021-04-23
This report contains a list of vulnerable Microsoft Exchange servers found through our scans.
As of 2021-04-23 this scan contains information on services with the following remote code execution pre-authorization vulnerabilities:
The CVE-2021-26855 vulnerability assessment is made based on Microsoft’s http-vuln-cve2021-26855.nse nmap detection script.
For more information on CVE-2021-26855 scanning efforts, please read about our previous special reports.
The CVE-2021-28480 and CVE-2021-28481 assessments are made based on detected Microsoft Exchange versions that have been reported to be vulnerable by Microsoft. Note that these versions are also susceptible to other post-auth vulnerabilities as mentioned here.
The following mapping is used to arrive at these affected versions: