qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Microsoft-Exchange-Server-R...

68 lines
2.4 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-34473)",
"Description": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.",
"Product": "Microsoft-Exchange-Server",
"Homepage": "https://msrc.microsoft.com",
"DisclosureDate": "2021-07-14",
"Author": "go0p",
"GifAddress": "https://raw.githubusercontent.com/gobysec/GobyVuls/master/Microsoft/Exchange/CVE-2021-34473/Microsoft_Exchange_Server_Remote_Code_Execution_Vulnerability_CVE-2021-34473.gif",
"FofaQuery": "app=\"Microsoft-Exchange\"",
"GobyQuery": "",
"Level": "3",
"Impact": "",
"Recommendation": "Users can refer to the security bulletins provided by the following vendors to obtain patch information: https://msrc.microsoft.com/update-guide/en-US/vulnerability/",
"Translation": {
"CN": {
"Description": "Microsoft Exchange Server是Microsoft开发的邮件服务器和日历服务器。 Microsoft Exchange Server存在远程代码执行漏洞。攻击者可利用该漏洞实现远程代码执行。",
"Impact": "Impact",
"Name": "Microsoft Exchange Server远程代码执行漏洞CNVD-2021-51485",
"Product": "Microsoft Exchange Server",
"Recommendation": "厂商已发布了漏洞修复程序,请及时关注更新: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-34473"
}
},
"References": null,
"RealReferences": [
"http://packetstormsecurity.com/files/163895/Microsoft-Exchange-ProxyShell-Remote-Code-Execution.html",
"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473",
"https://www.zerodayinitiative.com/advisories/ZDI-21-821/",
"https://nvd.nist.gov/vuln/detail/CVE-2021-34473",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34473"
],
"HasExp": true,
"ExpParams": [
{
"name": "Mode",
"type": "select",
"value": "GetShell,Exec_Ps"
},
{
"name": "Exec",
"type": "input",
"value": "Get-User",
"show": "Mode=Exec_Ps"
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": ["getshell"],
"CVEIDs": [
"CVE-2021-34473"
],
"CVSSScore": "9.8",
"CNVDIDs": [
"CNVD-2021-51485"
],
"CNNVDIDs": null,
"AttackSurfaces": {
"Application": ["Microsoft-Exchange"],
"Support": null,
"Service": null,
"System": null,
"Hardware": null
},
"Disable": false
}
Reference in New Issue View Git Blame Copy Permalink