| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability | primary_impact | T1505.003 | Web Shell |
Comments
CVE-2021-26858, part of Proxy Logon, is a post-authentication arbitrary file write vulnerability in Exchange. CVE-2021-26858 and CVE-2021-27065 are similar post-authentication arbitrary write file vulnerabilities in Exchange. An attacker, authenticated either by using CVE-2021-26855 or via stolen admin credentials, could write a file to any path on the server.
References
|
| CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2021-26858, part of Proxy Logon, is a post-authentication arbitrary file write vulnerability in Exchange. CVE-2021-26858 and CVE-2021-27065 are similar post-authentication arbitrary write file vulnerabilities in Exchange. An attacker, authenticated either by using CVE-2021-26855 or via stolen admin credentials, could write a file to any path on the server.
References
|