| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | secondary_impact | T1486 | Data Encrypted for Impact |
Comments
CVE-2021-34473 is a part of the ProxyShell vulnerabilities in Microsoft Exchange and CVE-2021-34473 is a code execution vulnerability that requires no user action or privileges to exploit.
References
|
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | secondary_impact | T1048.003 | Exfiltration Over Unencrypted Non-C2 Protocol |
Comments
CVE-2021-34473 is a part of the ProxyShell vulnerabilities in Microsoft Exchange and CVE-2021-34473 is a code execution vulnerability that requires no user action or privileges to exploit.
References
|
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | secondary_impact | T1136 | Create Account |
Comments
CVE-2021-34473 is a part of the ProxyShell vulnerabilities in Microsoft Exchange and CVE-2021-34473 is a code execution vulnerability that requires no user action or privileges to exploit.
References
|
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | primary_impact | T1053.005 | Scheduled Task |
Comments
CVE-2021-34473 is a part of the ProxyShell vulnerabilities in Microsoft Exchange and CVE-2021-34473 is a code execution vulnerability that requires no user action or privileges to exploit.
References
|
| CVE-2021-34473 | Microsoft Exchange Server Remote Code Execution Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This is a remote code execution vulnerability that is often chained with CVE-2021-34523, a privilege escalation vulnerability.
References
|