CVE-2024-21410 - Microsoft Exchange Server Privilege Escalation Vulnerability

CVE ID:CVE-2024-21410

Project:Microsoft

Product:Exchange Server

Date Added:2024-02-15Due Date:2024-03-07

Vulnerability Name

Microsoft Exchange Server Privilege Escalation Vulnerability

Description

Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410

https://nvd.nist.gov/vuln/detail/CVE-2024-21410

Related News Articles

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler BugsNovember 13, 2024

Top Security News

Top CVE List

Common Alerts

InformationalASP.NET ViewState Disclosure
LowCookie without SameSite Attribute
MediumAbsence of Anti-CSRF Tokens
InformationalCORS Header
HighSource Code Disclosure - File Inclusion
MediumHTTPS to HTTP Insecure Transition in Form Post
HighSQL Injection - SQLite
HighExternal Redirect
InformationalCross Site Scripting (Persistent) - Prime
Medium.htaccess Information Leak

Common CWEs