1 min read

Mitigation Instructions for CVE-2021-26858

SUBJECT: CVE-2021-26858 Microsoft Exchange Server Security Feature Bypass Vulnerability

TECH STACK: Microsoft Exchange Server v. 2013, 2016, 2019

DATE(S) ISSUED: March 2, 2021


OVERVIEW: The Microsoft Exchange Server Security Feature Bypass vulnerability (CVE-2021-26858) is a vulnerability that could allow an attacker to bypass security measures in the Microsoft Exchange Server. The vulnerability exists due to a flaw in the way the Exchange Server handles certain requests.

THREAT INTELLIGENCE: The vulnerability has not been actively exploited in the wild. However, Microsoft has rated the severity of the vulnerability as "Important" and has released a security update to address the issue.

SOLUTION: Microsoft has released a security update that addresses the CVE-2021-26858 vulnerability, and it is recommended that affected systems are updated as soon as possible to prevent exploitation. Additionally, it is recommended to follow best practices for securing Exchange Server, such as implementing network segmentation, access controls, and other security measures.

REFERENCES: Microsoft Security Response Center: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26858

Mitigation Instructions for CVE-2020-2021

SUBJECT:CVE-2020-2021: Improper Verification of Signatures in PAN-OS SAML Authentication

Read More

Mitigation Instructions for CVE-2019-1579

SUBJECT:CVE-2019-1579  Remote Code Execution in PAN-OS GlobalProtect Interface

Read More

Mitigation Instructions for CVE-2021-27065

SUBJECT:CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability (HAFNIUM Exploited)

Read More