• Tenable
  • CVEs
  • Settings
    Links
    Tenable Cloud Tenable Community & Support Tenable University
    Severity
    Theme
  • Tenable
  • Plugins
  • Overview
  • Plugins Pipeline
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Release Notes
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
    • Links
    • Tenable Cloud
    • Tenable Community & Support
    • Tenable University
    • Settings
    • Severity
    • Theme
Detections
  • Plugins
  • Overview
  • Plugins Pipeline
  • Release Notes
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
Analytics
  • CVEs
  • Overview
  • Newest
  • Updated
  • Search
  • Attack Path Techniques
  • Overview
  • Search
  1. CVEs
  2. CVE-2021-31206
  1. CVEs

CVE-2021-31206

high
  • Information
  • CPEs
  • Plugins

Description

Microsoft Exchange Server Remote Code Execution Vulnerability

References

  • Advisories
  • Exploits
  • Tenable Blogs
  • More

https://www.zerodayinitiative.com/advisories/ZDI-21-826/

https://cyware.com/resources/research-and-analysis/beneath-the-surface-avoslockers-ransomware-as-a-service-and-cybercrime-tactics-f14f

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://web.archive.org/web/20211025233339/https://twitter.com/pancak3lullz/status/1452679527197560837

https://www.tenable.com/blog/aa22-257a-cybersecurity-joint-advisory-on-iranian-islamic-revolutionary-guard-ransomware

https://www.tenable.com/blog/microsoft-s-july-2021-patch-tuesday-includes-116-cves-cve-2021-31979-cve-2021-33771

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31206

Details

Source: Mitre, NVD

Published: 2021-07-14

Updated: 2023-12-28

Named Vulnerability: ProxyShell

Risk Information

CVSS v2

Base Score: 7.9

Vector: CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L

Severity: High

EPSS

EPSS: 0.0655

  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2025 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance