Known Exploited Vulnerabilities CVE-2021-42321 Mappings

Microsoft Exchange Server Remote Code Execution Vulnerability

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2021-42321	Microsoft Exchange Server Remote Code Execution Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments This vulnerability is exploited by an adversary who has gained authentication to the Exchange Server and exploited validation issues in command-let arguments. This gives the adversary access to perform remote code execution on the server. References https://techcommunity.microsoft.com/blog/exchange/released-november-2021-exchange-server-security-updates/2933169 https://threatpost.com/microsoft-nov-patch-tuesday-fixes-six-zero-days-55-bugs/176143/
CVE-2021-42321	Microsoft Exchange Server Remote Code Execution Vulnerability	exploitation_technique	T1078	Valid Accounts	Comments This vulnerability is exploited by an adversary who has gained authentication to the Exchange Server and exploited validation issues in command-let arguments. This gives the adversary access to perform remote code execution on the server. References https://www.bleepingcomputer.com/news/security/exploit-released-for-microsoft-exchange-rce-bug-patch-now/ https://techcommunity.microsoft.com/blog/exchange/released-november-2021-exchange-server-security-updates/2933169 https://threatpost.com/microsoft-nov-patch-tuesday-fixes-six-zero-days-55-bugs/176143/